Author Topic: Anyone Want To Code A Python (RAT)  (Read 4426 times)

0 Members and 1 Guest are viewing this topic.

Offline Cylar

  • /dev/null
  • *
  • Posts: 8
  • Cookies: -4
    • View Profile
Anyone Want To Code A Python (RAT)
« on: March 25, 2015, 04:27:34 pm »
Hello there i was wondering if anyone wanted to code a python (RAT),
I can allready code one i was just wondering if anyone wanted to help and maybe improve it.
I want it to be able to do as much as a .NET (RAT).

Python has a webcam Library that i am looking at.

Functions that i will include are:
*Keylogger
*Message Pop Up
*Play sound
*Dos
*Remote Shutdown
*Port scans
*And Much more.



Offline Deque

  • P.I.N.N.
  • Global Moderator
  • Overlord
  • *
  • Posts: 1203
  • Cookies: 518
  • Programmer, Malware Analyst
    • View Profile
Re: Anyone Want To Code A Python (RAT)
« Reply #1 on: March 25, 2015, 05:03:30 pm »
How do you intend to protect the RAT from reverse-engineering? Python does not seem to be a good choice for this purpose as all implementations rely on intermediate code (pyc for CPython, CIL for IronPython, Bytecode for Jython) instead of machine code compilation.
« Last Edit: March 25, 2015, 05:04:59 pm by Deque »

Offline Cylar

  • /dev/null
  • *
  • Posts: 8
  • Cookies: -4
    • View Profile
Re: Anyone Want To Code A Python (RAT)
« Reply #2 on: March 25, 2015, 05:07:06 pm »
Encode it.
Pretty simple answer.

Offline flowjob

  • Knight
  • **
  • Posts: 327
  • Cookies: 46
  • Pastafarian
    • View Profile
Re: Anyone Want To Code A Python (RAT)
« Reply #3 on: March 25, 2015, 05:25:36 pm »
If you'd encode it, you'd need to add a line specifying the encoding at the beginning of the file, so the python interpreter would know how to decode it again, so it can be interpreted afterwards. And any human could just check that line, and decode it using some tools, and thus get the source code once again...
So I assume you meant encrypting it. But what and how would decrypt it again? How do you plan on storing the key, so it couldn't be found easily, and thus the python file be decrypted easily?

Python isn't made for such things... If you plan on infecting more than one tech-illiterate person with it, then you should go for compiled languages. And no, "compiling" python isn't an answer to that, as there're decompilers for all python freezers out there...
« Last Edit: March 25, 2015, 05:26:32 pm by flowjob »
Quote
<phil> I'm gonna DDOS the washing machine with clothes packets.
<deviant_sheep> dont use too much soap or youll cause a bubble overflow

Offline Cylar

  • /dev/null
  • *
  • Posts: 8
  • Cookies: -4
    • View Profile
Re: Anyone Want To Code A Python (RAT)
« Reply #4 on: March 25, 2015, 05:30:39 pm »
Well i mean it's just a project but if i wanted to encrypt it then.
I would probably convert it into a .exe file exstention and encrypt it that way.

Or i would use metasploit payload encoded payloads and infect with a peice of shellcode.
Either way there is allways a way no matter what and thats the beauty of hacking is to find
a way people have not found before or even thought of.

Offline flowjob

  • Knight
  • **
  • Posts: 327
  • Cookies: 46
  • Pastafarian
    • View Profile
Re: Anyone Want To Code A Python (RAT)
« Reply #5 on: March 25, 2015, 05:51:07 pm »
Well i mean it's just a project but if i wanted to encrypt it then.
I would probably convert it into a .exe file exstention and encrypt it that way.

Or i would use metasploit payload encoded payloads and infect with a peice of shellcode.
Either way there is allways a way no matter what and thats the beauty of hacking is to find
a way people have not found before or even thought of.

Did you even read what I wrote? "Turning python into a .exe file" doesn't protect against reverse-engineering at all. There are decompilers/unpackers for every tool out there that freezes python code into a PE. And this is usually done by embedding an
interpreter in the executable.
So if you'd use that executable as a payload in another file using metasploit, the file size would increase quite a lot, wich is pretty suspicious if you ask me..
Quote
<phil> I'm gonna DDOS the washing machine with clothes packets.
<deviant_sheep> dont use too much soap or youll cause a bubble overflow

Offline Cylar

  • /dev/null
  • *
  • Posts: 8
  • Cookies: -4
    • View Profile
Re: Anyone Want To Code A Python (RAT)
« Reply #6 on: March 25, 2015, 06:34:40 pm »
It's just a project.
I will properly think it threw when that time comes but at the moment its a project
Nothing more.

Offline d4rkcat

  • Knight
  • **
  • Posts: 287
  • Cookies: 115
  • He who controls the past controls the future. He who controls the present controls the past.
    • View Profile
    • Scripts
Re: Anyone Want To Code A Python (RAT)
« Reply #7 on: March 25, 2015, 06:48:39 pm »
It's just a project.
I will properly think it threw when that time comes but at the moment its a project
Nothing more.

Actually these people are wrong, you can code a perfectly good rat in python, you just have to be clever about the way you code it.
The encryption can be done in a way that it must retrieve the key from a remote location you control, and you can make a system where you only host the key when you know a bot will be asking for it legitimately.
Python rats are awesome because they are easy to code, easy to write plugins for, powerful, undetectable (again, when done right) and extremely quick to write.
Don't listen to compiled language snobs, go and code your rat, it is perfectly possible and if you do it right, will be the same quality or higher than any crap written in C that is thousands of lines long and takes months to write.
PM me if you need any tips, just make sure you share it with the world so we can prove these people wrong.
 ;)
Jabber (OTR required): thed4rkcat@einfachjabber.de    Email (PGP required): thed4rkcat@yandex.com    PGP Key: here and here     Blog

<sofldan> not asking for anyone to hold my hand uber space shuttle door gunner guy.


Offline Kulverstukas

  • Administrator
  • Zeus
  • *
  • Posts: 6627
  • Cookies: 542
  • Fascist dictator
    • View Profile
    • My blog
Re: Anyone Want To Code A Python (RAT)
« Reply #8 on: March 25, 2015, 06:50:30 pm »
As mentioned before, if you want to have something usable, not to mention the bloated binary once you compile it. Python is NOT the way to go about this and it looks to me that you're just too lazy to learn WinAPI calls and do raw C++.
I suppose it's good for prototyping, but nothing more when it comes to malware.

derp
Uhh... interpreted will never beat compiled, that's a fact.
« Last Edit: March 25, 2015, 06:51:58 pm by Kulverstukas »

Offline d4rkcat

  • Knight
  • **
  • Posts: 287
  • Cookies: 115
  • He who controls the past controls the future. He who controls the present controls the past.
    • View Profile
    • Scripts
Re: Anyone Want To Code A Python (RAT)
« Reply #9 on: March 25, 2015, 07:03:48 pm »
herp

Yeah because everyone knows apples will never beat basketballs, that's a fact.
Jabber (OTR required): thed4rkcat@einfachjabber.de    Email (PGP required): thed4rkcat@yandex.com    PGP Key: here and here     Blog

<sofldan> not asking for anyone to hold my hand uber space shuttle door gunner guy.


Offline Stackprotector

  • Administrator
  • Titan
  • *
  • Posts: 2515
  • Cookies: 205
    • View Profile
Re: Anyone Want To Code A Python (RAT)
« Reply #10 on: March 25, 2015, 07:43:37 pm »
Actually these people are wrong, you can code a perfectly good rat in python, you just have to be clever about the way you code it.
The encryption can be done in a way that it must retrieve the key from a remote location you control, and you can make a system where you only host the key when you know a bot will be asking for it legitimately.
Python rats are awesome because they are easy to code, easy to write plugins for, powerful, undetectable (again, when done right) and extremely quick to write.
Don't listen to compiled language snobs, go and code your rat, it is perfectly possible and if you do it right, will be the same quality or higher than any crap written in C that is thousands of lines long and takes months to write.
PM me if you need any tips, just make sure you share it with the world so we can prove these people wrong.
 ;)
Sometimes I have real hard trouble knowing if people troll or not. Why not just all start writing our mallware in something awesome like this http://pythonnet.sourceforge.net/ ?
~Factionwars

Offline Kulverstukas

  • Administrator
  • Zeus
  • *
  • Posts: 6627
  • Cookies: 542
  • Fascist dictator
    • View Profile
    • My blog
Re: Anyone Want To Code A Python (RAT)
« Reply #11 on: March 25, 2015, 08:02:20 pm »
You guys don't see the artistic side of the malware creation. And who dafuq writes malware with dependencies on frameworks like .NET?

Offline d4rkcat

  • Knight
  • **
  • Posts: 287
  • Cookies: 115
  • He who controls the past controls the future. He who controls the present controls the past.
    • View Profile
    • Scripts
Re: Anyone Want To Code A Python (RAT)
« Reply #12 on: March 25, 2015, 08:08:20 pm »
Sorry did OP ask for your opinions on if python is a good language to write malware in?
No that's right, he didn't. He asked for help and ideas coding a PYTHON rat.
So why don't you very respectable admins stop derailing this guys thread and go and make yourself a bitch a moan thread, where you can bitch and moan about python all you want.
Or even better make a thread with your source code for a C/C++ rat, and explain why you think that it's better?
All i'm hearing is a bunch of whiny elitist garbage about my football team is better because I say so.
LOL.
« Last Edit: March 25, 2015, 08:09:35 pm by d4rkcat »
Jabber (OTR required): thed4rkcat@einfachjabber.de    Email (PGP required): thed4rkcat@yandex.com    PGP Key: here and here     Blog

<sofldan> not asking for anyone to hold my hand uber space shuttle door gunner guy.


Offline Kulverstukas

  • Administrator
  • Zeus
  • *
  • Posts: 6627
  • Cookies: 542
  • Fascist dictator
    • View Profile
    • My blog
Re: Anyone Want To Code A Python (RAT)
« Reply #13 on: March 25, 2015, 08:32:22 pm »
some rant shit
You might have a point there... I usually get carried away with such questions, because I don't particularly agree with the idea itself.

So I apologize OP for that :P

Offline Stackprotector

  • Administrator
  • Titan
  • *
  • Posts: 2515
  • Cookies: 205
    • View Profile
Re: Anyone Want To Code A Python (RAT)
« Reply #14 on: March 25, 2015, 08:58:49 pm »
You might have a point there... I usually get carried away with such questions, because I don't particularly agree with the idea itself.

So I apologize OP for that :P
Well, we were not talking about Python as a bad language for mallware but kicking the OP because he was like, "Yes just encode it" "py2exeftw" "l33t" "oh okay".

I'd love to see creative mallware in python! You could even write polymorphic mallware in python i suppose. Do ET!
~Factionwars