
Backdoor in Python

You take the code, encrypt it, and generate a source file that will decrypt it and execute it via eval or exec; I don't remember exactly what this function is called in Python.
 
exec = executes the code
eval = evaluates your code (whatever it returns)

@Adventurer any reason for obfuscation? What's your target environment?
 
For interest, I want to write a backdoor in Python for Windows. I want obfuscation to make it invisible to AV.
 
Check out pyinstaller for compiling it to an executable; you can get around 2-4 / 40 detections, and that should do the trick for bypassing detections. If that doesn't work, do something like this:
Code:
# include your other imports
import base64

SCRIPT = b"your base64 encoded script here"

def run(script):
    # decode the embedded script and execute it
    exec(base64.b64decode(script))

if __name__ == "__main__":
    run(SCRIPT)
Then run pyinstaller "yourfilename.py" --onefile


I would have suggested pyarmor; however, it's been overused for malware, so it scores like 6-8 detections on VirusTotal.
Simple encoding should do the trick for reducing detections; however, it will not stop someone from reversing it down to source code.
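
For defenders triaging Python source, including source recovered from a packed executable as the post above notes is possible, the following is an added example and not code from the thread: it uses the standard `ast` module to flag `exec`/`eval` calls whose argument comes from a decoder call, which is the loader shape shown above. The `DECODERS` set, the function names and the sample are assumptions constructed for this example.

```python
import ast

# Constructed sample: the loader shape from the post, payload left as a placeholder.
SAMPLE_LOADER = '''
import base64

SCRIPT = b"your base64 encoded script here"
def run(script):
    exec(base64.b64decode(script))

if __name__ == "__main__":
    run(SCRIPT)
'''

SINKS = {"exec", "eval"}
# Assumption: decoder names chosen for this example; extend for your environment.
DECODERS = {"b64decode", "b32decode", "b16decode", "a85decode", "unhexlify", "decompress"}

def _call_name(call):
    """Trailing name of a call target: base64.b64decode -> 'b64decode'."""
    func = call.func
    if isinstance(func, ast.Attribute):
        return func.attr
    return func.id if isinstance(func, ast.Name) else None

def _decoded(expr, tainted):
    """True if expr contains a decoder call or a name assigned from one."""
    for sub in ast.walk(expr):
        if isinstance(sub, ast.Call) and _call_name(sub) in DECODERS:
            return True
        if isinstance(sub, ast.Name) and sub.id in tainted:
            return True
    return False

def find_decode_exec(source):
    """Return sorted (line, sink) pairs for exec/eval calls fed by decoded data."""
    tree = ast.parse(source)
    tainted = set()
    for node in ast.walk(tree):  # pass 1: names assigned from decoder output
        if isinstance(node, ast.Assign) and _decoded(node.value, tainted):
            tainted.update(t.id for t in node.targets if isinstance(t, ast.Name))
    hits = []
    for node in ast.walk(tree):  # pass 2: sinks whose first argument is decoded
        if isinstance(node, ast.Call) and _call_name(node) in SINKS and node.args:
            if _decoded(node.args[0], tainted):
                hits.append((node.lineno, _call_name(node)))
    return sorted(hits)
```

Tracking is by name only and ignores scope, so treat hits as triage leads rather than verdicts.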
 
Thanks for the info)) This encryption is done for not bypassing AVs totally (in this case).


Also, maybe you know how to reduce the size of pyinstaller?
Pernat1y suggested another decent alternative. Getting small sizes with Python is a pain in the ass since it's all interpreted. If you want small sizes you could possibly compress it, write a small C stub and decompress it at runtime (would result in some time delay though). What's your payload doing? There is likely a C/C++ alternative.
 

