The Twittor backdoor uses the Twitter social media network as its command and control server, the Twittor backdoor was crafted after the author got inspired by the Gcat backdoor which used the Gmail service as a command and control service.
The adult version of Gcat is titled Gdog, and you can find it here on cyberwarzone. But let’s continue with Twittor.
The client needs the following Python version / modules:
Twittor is capable of:
- refresh – refresh C&C control
- list_bots – list active bots
- list_commands – list executed commands
- !retrieve <jobid> – retrieve jobid command
- !cmd <MAC ADDRESS> command – execute the command on the bot
- !shellcode <MAC ADDRESS> shellcode – load and execute shellcode in memory (Windows only)
The developers of Twittor state that you will need to use a dedicated Twitter account if you are going to use the Twittor backdoor.