Awesome

Pacdoor

Pacdoor is a proof-of-concept JavaScript malware implemented as a Proxy Auto-Configuration (PAC) File. Pacdoor includes a 2-way communication channel, ability to exfiltrate HTTPS URLs, disable access to cherry-picked URLs etc.

It was released as part of the Crippling HTTPS with Unholy PAC talk given at BlackHat USA 2016 conference by Itzik Kotler and Amit Klein from SafeBreach Labs.

Slides are availble here

Version

0.1.0

Installation

Pacdoor requires Python 2.7.x to run.

$ git clone https://github.com/SafeBreach-Labs/pacdoor.git
$ cd pacdoor
$ cd server
$ pip install -r requirements.txt

License

BSD 3-Clause