Skip to content

keklick1337/PhantomGateC99

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
cross-build
cross-build
 
 
examples
examples
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
configure
configure
 
 
signatures.txt
signatures.txt
 
 

Repository files navigation

PhantomGate (C99)

c99 version ( C99 VERSION [current] | PYTHON VERSION )

PhantomGate (C99) is a minimalistic port spoofer, fully rewritten from the original Python version by the same author. It responds with fake or randomized signatures to confuse port scanners.

Created by Vladislav Tislenko (aka keklick1337)

Features

  • Minimal dependencies (plain C99 and pthreads).
  • Simple configuration via command-line flags (--debug, --quiet, etc.).
  • Signature file supports both raw and regex-like lines.
  • Basic randomization of responses.
  • Optional logging to file (--logfile or -f) with timestamps.
  • Client reporting (--report-clients or -r) to show which signature was sent to each client.

Download

Precompiled binaries (for multiple architectures) are available on the Release Page.

Platform Download
Linux x86_64 Download x86_64
Linux aarch64 Download aarch64
Linux armv7 Download armv7
Linux mips Download mips
Linux riscv64 Download riscv64
Linux i386 Download i386

Quick Start

  1. Clone or Download this repository (make sure signatures.txt is in the same directory as phantomgate).
  2. Build: 
    ./configure
make
    Or compile manually: 
    gcc -std=c99 src/phantomgate.c -o phantomgate -pthread
  3. Run: 
    ./phantomgate -s signatures.txt -l 0.0.0.0:8888 -v
    • -s, --signatures – specify the signature file (default: signatures.txt).
    • -l, --listen – listen on a given host:port (default: 127.0.0.1:8888).
    • -d, --debug – enable debug output (shows debug logs).
    • -v, --verbose – enable verbose output (info-level logs).
    • -q, --quiet – only show error messages.
    • -r, --report-clients – show which signature was sent to each client (includes debug info).
    • -f, --logfile – path to a logfile for saving all logs with timestamps.
    • -V, --version – show version and exit.

Example usage with new arguments:

./phantomgate -s signatures.txt \
              -l 0.0.0.0:8888 \
              -r \
              -f myphantom.log

Here, PhantomGate listens on all interfaces, port 8888, logs to the file myphantom.log, and prints which signature was sent to each client.

Redirecting All Traffic

To direct all incoming traffic for ports 1–65535 to PhantomGate’s port on Linux, you can use iptables:

INTERFACE="eth0"  # Replace with your network interface
sudo iptables -t nat -A PREROUTING -i $INTERFACE -p tcp -m tcp \
  -m multiport --dports 1:65535 -j REDIRECT --to-ports 8888

Then PhantomGate will effectively spoof any connection attempt on your machine. For more examples you can check Iptables Examples

Signature File

  • Raw lines: no parentheses or square brackets; can include \n, \r, \xNN.
  • Regex-like lines: contain ( or [; random expansions occur at runtime.

Other Info

  • For the Python version, see this link.
  • Author of both the original and this C99 rewrite: keklick1337.
  • Licensed under MIT.

About

Minimalistic port-spoofer written in C99

Resources

Readme

License

GPL-3.0 license
Activity

Stars

4 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 5

PhantomGate 0.1.3f Latest
Jan 9, 2025
+ 4 releases

Packages

 
 
 

Contributors

Languages