Commit 4ee5034

Update README.md
table of contents
1 parent f83e390 commit 4ee5034

1 file changed

+37
-19
lines changed

README.md

@@ -8,9 +8,27 @@ PythonRAT is a Command and Control (C2) server which can control multiple machin
88

99

1010
## Table of Contents
11-
[Features](#Features)
12-
13-
<a name="Features"/>
11+
- [Features](#features)
12+
- [Usage Manuals](#usage-manuals)
13+
* [C2 Manual](#c2-manual)
14+
* [Session Manual](#session-manual)
15+
- [Wine and Pyinstaller (Win version) Installation on Linux](#wine-and-pyinstaller--win-version--installation-on-linux)
16+
* [Environment Setup](#environment-setup)
17+
* [Installing Dependencies](#installing-dependencies)
18+
- [Backdoor Compilation and Obfuscation for Windows](#backdoor-compilation-and-obfuscation-for-windows)
19+
* [Compile to Executable using Pyinstaller Linux](#compile-to-executable-using-pyinstaller-linux)
20+
* [Compile to Executable using Pyinstaller (Win) under Wine](#compile-to-executable-using-pyinstaller--win--under-wine)
21+
* [Obfuscation using SFX Archive (Theory)](#obfuscation-using-sfx-archive--theory-)
22+
+ [NOTE: SFX Archive](#note--sfx-archive)
23+
* [Creating SFX Archive](#creating-sfx-archive)
24+
* [Creating SFX Archive - Visual](#creating-sfx-archive---visual)
25+
* [Task Manager](#task-manager)
26+
- [Preview Images](#preview-images)
27+
* [Target Connection to C2 Server](#target-Connection-to-c2-server)
28+
* [Interacting with Session](#interacting-with-session)
29+
* [Test Commands on Target](#test-commands-on-target)
30+
* [Session Options](#session-options)
31+
* [Backgrounding and Killing Session](#backgrounding-and-killing-session)
1432

1533
# Features
1634

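Review bot: Several of the added anchors (new lines 15, 20, 21, 22 and 27) will not resolve on GitHub, which builds heading ids by lowercasing the text, dropping punctuation and turning each space into a single hyphen. Assuming the headings match the link text, the targets should be `#wine-and-pyinstaller-win-version-installation-on-linux`, `#compile-to-executable-using-pyinstaller-win-under-wine`, `#obfuscation-using-sfx-archive-theory` and `#note-sfx-archive`, and `#target-Connection-to-c2-server` should be all lowercase like the rest. `#creating-sfx-archive---visual` is correct as written. The list also switches between `-`, `*` and `+` markers by depth; one marker throughout would read more cleanly in the raw file.
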
@@ -29,7 +47,7 @@ PythonRAT is a Command and Control (C2) server which can control multiple machin
2947

3048

3149
# Usage Manuals
32-
**C2 Manual**
50+
## C2 Manual
3351

3452
targets --> Prints Active Sessions
3553
session *session num* --> Will Connect To Session (background to return)
@@ -40,7 +58,7 @@ PythonRAT is a Command and Control (C2) server which can control multiple machin
4058

4159

4260

43-
**Session Manual**
61+
## Session Manual
4462

4563
quit --> Quit Session With The Target
4664
clear --> Clear The Screen
@@ -64,7 +82,7 @@ PythonRAT is a Command and Control (C2) server which can control multiple machin
6482

6583
Python 2.7.14 Releases: https://www.python.org/downloads/release/python-2714/
6684

67-
**Environment Setup**
85+
## Environment Setup
6886

6987
┌──(root💀kali)-[~/]
7088

@@ -78,7 +96,7 @@ Python 2.7.14 Releases: https://www.python.org/downloads/release/python-2714/
7896
sudo wine msiexec -i ~/python-2.7.14.msi #x86 arch
7997

8098

81-
**Installing Dependencies**
99+
## Installing Dependencies
82100

83101
┌──(root💀kali)-[~/.wine/drive_c]
84102

@@ -93,13 +111,13 @@ Python 2.7.14 Releases: https://www.python.org/downloads/release/python-2714/
93111

94112
# Backdoor Compilation and Obfuscation for Windows
95113

96-
**Compile to Executable using Pyinstaller Linux**
114+
## Compile to Executable using Pyinstaller Linux
97115

98116
$ pyinstaller --onefile --noconsole backdoor.py
99117

100118
or,
101119

102-
**Compile to Executable using Pyinstaller (Win) under Wine**
120+
## Compile to Executable using Pyinstaller (Win) under Wine
103121

104122
# wine /root/.wine/drive_c/Python27/Scripts/pyinstaller.exe --onefile --noconsole ~/backdoor.py
105123

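Review bot: The context line `or,` between the two compile sections no longer works once both titles are `##` headings: it now renders as a one-word paragraph at the end of the "Pyinstaller Linux" section. Drop it, or open the second section with a sentence saying it is the alternative to the first. The two command lines also use different prompts (`$` and `#`); pick one convention, or say which command needs root.
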
@@ -110,7 +128,7 @@ or,
110128
This will produce _./dist/backdoor.exe_
111129

112130

113-
**Obfuscation using SFX Archive (Theory)**
131+
## Obfuscation using SFX Archive (Theory)
114132

115133
The executable _backdoor.exe_ will be made to look like an image (jpg) file.
116134
By default Windows does not show file extensions (e.g. backdoor.exe will show in Windows Explorer as backdoor).
@@ -121,7 +139,7 @@ Making the executable appear to be an image.
121139

122140
Of course this same method could be applied to audio, document or video file using an appopriate icon.
123141

124-
**NOTE: SFX Archive**
142+
### NOTE: SFX Archive
125143

126144
SFX archive is not the only method of obfuscating the executable.
127145
We can when compiling using _Pyinstaller_ add the argument _--add-data "/root/wallpaper.jpg;."_ with
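Review bot: The context line just above the new `### NOTE: SFX Archive` heading still has the typo "appopriate" ("appropriate"); since this commit is a README clean-up, fix it here too. The colon in this heading is also what makes the table-of-contents link `#note--sfx-archive` miss its target, so either correct the anchor or rename the heading to "Note on SFX Archive".
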
@@ -131,7 +149,7 @@ _--icon ~/wallpaper.ico_.
131149
# mv ./dist/_backdoor.exe_ ./dist/_wallpaper.jpg.exe_
132150

133151

134-
**Creating SFX Archive**
152+
## Creating SFX Archive
135153

136154
WinRAR > Add To Archive (image.jpg and backdoor.exe)
137155

@@ -161,7 +179,7 @@ Rename archive to: _image.jpg.exe_
161179

162180

163181

164-
**Creating SFX Archive - Visual**
182+
## Creating SFX Archive - Visual
165183

166184
https://user-images.githubusercontent.com/10171446/153578069-851d3896-67d0-465b-ad92-267ad21504ee.mp4
167185

@@ -179,33 +197,33 @@ Once opened the SFX archive will open the image file inside the archive and the
179197
Due to _--noconsole_ argument in _Pyinstaller_, no window will be rendered.
180198

181199

182-
**Task Manager**
200+
## Task Manager
183201

184202
The _backdoor.exe_ process can be seen in Task Manager and ended there if necessary.
185203

186204
# Preview Images
187205

188-
**Target connection to C2 Server**
206+
## Target Connection to C2 Server
189207

190208
![Screenshot_2022-02-10_06-16-22](https://user-images.githubusercontent.com/10171446/153403206-4ce3dc23-4c1a-41b6-a715-2e2021d965ce.png)
191209

192210

193-
**Interacting with Session**
211+
## Interacting with Session
194212

195213
![Screenshot_2022-02-10_06-17-20](https://user-images.githubusercontent.com/10171446/153403283-3df77fd8-2cbe-4990-b82f-d847bdde3bee.png)
196214

197215

198-
**Test Commands on Target**
216+
## Test Commands on Target
199217

200218
![Screenshot_2022-02-10_06-22-48](https://user-images.githubusercontent.com/10171446/153403427-058ebe8a-36d8-465c-8386-7a55cea1641b.png)
201219

202220

203-
**Session Options**
221+
## Session Options
204222

205223
![Screenshot_2022-02-10_06-23-21](https://user-images.githubusercontent.com/10171446/153403579-3b090b00-2dec-4c33-a94d-020eb2b0d2b4.png)
206224

207225

208-
**Backgrounding and Killing Session**
226+
## Backgrounding and Killing Session
209227

210228
![Screenshot_2022-02-10_06-25-04](https://user-images.githubusercontent.com/10171446/153403973-d9757c68-4ca2-405f-ae13-a0ca0666bfcc.png)
211229

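Review bot: All five images under "Preview Images" keep auto-generated alt text such as `Screenshot_2022-02-10_06-16-22`, which tells a reader nothing when the image fails to load or is read by a screen reader. Reuse each new heading as the alt text, for example `![Target Connection to C2 Server](...)`. "Task Manager" is promoted to `##` here and listed in the table of contents under "Backdoor Compilation and Obfuscation for Windows", which matches; no change needed there.
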