[English] [中文] [API Document] [API文档]
Spark is a free, safe, open-source, web-based, cross-platform and full-featured RAT (Remote Administration Tool) that allow you to control all your devices via browser anywhere.
We won't collect any data, thus the server will never self-upgrade. Your clients will only communicate with your server forever.
Due to my busy schedule with personal matters and the abuse of this project for cyberattacks, it's going to reach its end of life and will be archived very soon.
I will no longer provide any support for this project, as it is officially abandoned.
THIS PROJECT, ITS SOURCE CODE, AND ITS RELEASES SHOULD ONLY BE USED FOR EDUCATIONAL PURPOSES.
ALL ILLEGAL USAGE IS PROHIBITED!
YOU SHALL USE THIS PROJECT AT YOUR OWN RISK.
THE AUTHORS AND DEVELOPERS ARE NOT RESPONSIBLE FOR ANY DAMAGE CAUSED BY YOUR MISUSE OF THIS PROJECT.
YOUR DATA IS PRICELESS. THINK TWICE BEFORE YOU CLICK ANY BUTTON OR ENTER ANY COMMAND.
If you found any security vulnerability, please DO NOT open an issue and immediately contact me via email.
- Download executable from releases.
- Following this to complete configuration.
- Run executable and browse to
http://IP:Port
to access the web interface. - Generate a client and run it on your target device.
- Enjoy!
Configuration file config.json
should be placed in the same directory as the executable file.
Example:
{
"listen": ":8000",
"salt": "123456abcdef",
"auth": {
"username": "password"
},
"log": {
"level": "info",
"path": "./logs",
"days": 7
}
}
listen
required
, format:IP:Port
salt
required
, length <= 24- after modification, you need to re-generate all clients
auth
optional
, format:username:password
- hashed-password is highly recommended
- format:
$algorithm$hashed-password
, example:$sha256$11223344556677AABBCCDDEEFF
- supported algorithms:
sha256
,sha512
,bcrypt
- if you don't follow the format, password will be treated as plain-text
log
optional
level
optional
, possible value:disable
,fatal
,error
,warn
,info
,debug
path
optional
, default:./logs
days
optional
, default:7
Feature/OS | Windows | Linux | MacOS |
---|---|---|---|
Process manager | ✔ | ✔ | ✔ |
Kill process | ✔ | ✔ | ✔ |
Network traffic | ✔ | ✔ | ✔ |
File explorer | ✔ | ✔ | ✔ |
File transfer | ✔ | ✔ | ✔ |
File editor | ✔ | ✔ | ✔ |
Delete file | ✔ | ✔ | ✔ |
Code highlight | ✔ | ✔ | ✔ |
Desktop monitor | ✔ | ✔ | ✔ |
Screenshot | ✔ | ✔ | ✔ |
OS info | ✔ | ✔ | ✔ |
Terminal | ✔ | ✔ | ✔ |
* Shutdown | ✔ | ✔ | ✔ |
* Reboot | ✔ | ✔ | ✔ |
* Log off | ✔ | ❌ | ✔ |
* Sleep | ✔ | ❌ | ✔ |
* Hibernate | ✔ | ❌ | ❌ |
* Lock screen | ✔ | ❌ | ❌ |
- Blank cell means the situation is not tested yet.
- The Star symbol means the function may need administration or root privilege.
There are three components in this project, so you have to build them all.
Go to Quick start if you don't want to make yourself boring.
- Client
- Server
- Front-end
If you want to make client support OS except linux and windows, you should install some additional C compiler.
For example, to support android, you have to install Android NDK.
# Clone this repository.
$ git clone https://github.com/XZB-1248/Spark
$ cd ./Spark
# Here we're going to build front-end pages.
$ cd ./web
# Install all dependencies and build.
$ npm install
$ npm run build-prod
# Embed all static resources into one single file by using statik.
$ cd ..
$ go install github.com/rakyll/statik
$ statik -m -src="./web/dist" -f -dest="./server/embed" -p web -ns web
# Now we should build client.
# When you're using unix-like OS, you can use this.
$ mkdir ./built
$ go mod tidy
$ go mod download
$ ./scripts/build.client.sh
# Finally we're compiling the server side.
$ mkdir ./releases
$ ./scripts/build.server.sh
Then create a new directory with a name you like.
Copy executable file inside releases
to that directory.
Copy the whole built
directory to that new directory.
Copy configuration file mentioned above to that new directory.
Finally, run the executable file in that directory.
Spark contains many third-party open-source projects.
Lists of dependencies can be found at go.mod
and package.json
.
Some major dependencies are listed below.
-
gin-gonic/gin (MIT License)
-
imroc/req (MIT License)
-
kbinani/screenshot (MIT License)
-
gorilla/websocket (BSD-2-Clause License)
-
orcaman/concurrent-map (MIT License)
-
React (MIT License)
-
Ant-Design (MIT License)
-
axios (MIT License)
-
xterm.js (MIT License)
-
crypto-js (MIT License)
- natpass (MIT License)
- Image difference algorithm inspired by natpass.