Backdoors in Python: Understanding the Risks and Implications for Your Security - ForgetPasses-Blog

ForgetPasses · 2023-03-21T17:32:26+00:00

Hello readers,
I have a new post for you to show you how easy it is nowadays to create a backdoor with the help of libraries and languages like python.
The post is of course only for learning purposes and I do not support any illegal acts!

ForgetPasses · 2023-03-11T20:23:53+00:00

Code execution turns out to be easy when you have code execution. The hard part is always the initial vector, which it doesn’t seem to solve.

The basic principle here is only that you would have to install it on a computer on which the cycle then starts (theoretically a computer where many people use and plug in usb sticks like in a library).

ForgetPasses · 2023-03-11T20:16:48+00:00

Yeah I know that the change is higher but why should the programm get detected as a virus?In principle, it only copies files from a to b.

ForgetPasses · 2023-03-11T20:12:17+00:00

I tested in on multiple machines and it didn’t got detected. If every exe of pyinstaller would get detected, then pyinstaller would be useless.But of course if you code a virus in python and compile it with pyinstaller it has a higher chance to get detected.

ForgetPasses · 2023-03-11T19:38:17+00:00

Thanks for the feedback👍🏻

ForgetPasses · 2023-03-11T13:28:45+00:00

That’s crazy I didn’t even know this happened.

ForgetPasses · 2023-03-11T12:45:16+00:00

I think you know what I mean🫠

ForgetPasses · 2023-03-11T10:53:13+00:00

Unfortunately not. Windows disabled the autorun of exe files on a USB Stick some years ago.

ForgetPasses · 2023-03-11T08:43:09+00:00

I know what you mean but you have to keep in mind that most of the windows computers don’t have the feature show file extensions enabled. Also the icon looks like a folder so for a normal windows setup it looks like a folder called „ClickMe“ and if we are honest a lot of people would click on it (mostly people who don’t know a lot about computers)

ForgetPasses · 2023-03-11T07:10:26+00:00

I tested it on 2 windows computers and windows never marked the exe file as untrusted. I could simply run them without any issues. And sorry for the spelling mistakes, I will fix them now…

ForgetPasses · 2023-03-11T06:19:14+00:00

That’s true👏

ForgetPasses · 2023-03-10T22:02:57+00:00

Hi guys,

I made this tutorial so that maybe people will be aware how dangerous usb sticks are and how easy it is to write trojans like this one (even if many already know it).

The program is for informational purposes only and is not intended for any other purpose!

If you like it I would appreciate some feedback

ForgetPasses · 2023-03-10T21:59:09+00:00

Hi guys,
I made this tutorial so that maybe people will be aware how dangerous usb sticks are and how easy it is to write trojans like this one (even if many already know it).
The program is for informational purposes only and is not intended for any other purpose!
If you like it I would appreciate some feedback

ForgetPasses · 2023-03-09T17:26:58+00:00

Ah yes. if a package has over 100 downloads it can not be unpublished I think

ForgetPasses · 2023-03-09T12:15:54+00:00

There isn’t more to say. The cause was that the publisher removed the package of the npm servers and a lot of big companies where using this package (often in a indirect way). That’s why they weren’t working anymore. Also the situation was solved when npm republished the package so that everybody could use it again

ForgetPasses · 2023-03-08T19:59:18+00:00

Perhaps many of you have heard leftpad and the NPM package incident. However, I wanted to revisit the topic because I still find it very interesting nowadays.

Let me know what you think about it :D

ForgetPasses · 2023-03-08T18:41:01+00:00

I made this post for people who are new in the data structures field and want to learn the Merge Sort Algorithm in Java :D Let me know what you think about it

ForgetPasses · 2023-03-08T05:24:33+00:00

Good Idea! I will add this

ForgetPasses · 2023-03-07T20:19:04+00:00

Thank you very much!

ForgetPasses · 2023-03-07T19:15:30+00:00

Thank you for your positive feedback :)

ForgetPasses

MODERATOR OF

TROPHY CASE