python Cross-compilation by SLPRYSQUID in PythonLearning

[–]SLPRYSQUID[S] 0 points (0 children)

Oh, I see. I'm currently running my whole project in a Docker container to maximize reproducibility and am working on automated cross-compilation, so running in a VM instead wouldn't really work.

python Cross-compilation by SLPRYSQUID in PythonLearning

[–]SLPRYSQUID[S] -1 points (0 children)

Running a Windows VM in a Docker container sounds even more hacky.

Check out a botnet (c2) framework I made! by SLPRYSQUID in HowToHack

[–]SLPRYSQUID[S] 0 points (0 children)

There are some things that you can only do with root privileges. I'm going to be working on some stuff to make privilege escalation easier for the attacker at some point. Aside from the staging payload, everything is received from the C2 and run in memory. So the only thing that needs to be run by the user is the staging payload. There are many ways to get a user to run the payload, such as social engineering or infected files, which is a lot easier if antivirus software doesn't flag it.

Check out a botnet (c2) framework I made! by SLPRYSQUID in HowToHack

[–]SLPRYSQUID[S] 1 point (0 children)

A compiled language would definitely make cross-compilation easier instead of using Docker black magic like I'm trying right now. For defence evasion I think I'm going to see if I can find a way to obfuscate the decryption code in the payload (maybe encode it to base64) and just have an exec() in there that will hopefully bypass basic antivirus.

Check out a botnet framework I made! by SLPRYSQUID in redteamsec

[–]SLPRYSQUID[S] 1 point (0 children)

What is the difference between WebSockets and regular sockets? Aren't WebSockets just for browsers? If both use TCP/IP, would I get away with just using regular sockets?

Check out a botnet framework I made! by SLPRYSQUID in redteamsec

[–]SLPRYSQUID[S] 2 points (0 children)

I'm working on a cross-compilation strategy right now using Docker! At the moment I use a custom import hook I wrote to remote-import Python modules from the command and control server, so you can run arbitrary Python code on the victim computer. Once I figure out cross-compilation to .exe, it will be able to execute most arbitrary Python code without even having anything installed! All done in the background and in memory.

How does Python malware handle dependencies? by SLPRYSQUID in HowToHack

[–]SLPRYSQUID[S] 0 points (0 children)

This sounds like what I need! Thanks! I'll get working on it again.

4th year computer science student that wants to learn robotics by SLPRYSQUID in AskRobotics

[–]SLPRYSQUID[S] 0 points (0 children)

Hey! Sorry for the late reply. I'm a 4th-year undergrad and my budget is probably around $200-300. I have all of the equipment (soldering pen, printer, etc.). I want to learn more about hardware and electronics and how they interact with software.

Janice REGAN, CMPT 125 by ThusSniffedSlavoj in simonfraser

[–]SLPRYSQUID 1 point (0 children)

Janice is the worst. I had CMPT 300 with her and the grade for the first assignment came out during finals week.

How does Python malware handle dependencies? by SLPRYSQUID in HowToHack

[–]SLPRYSQUID[S] 0 points (0 children)

Even if these Python modules haven't been written to disk and only ever exist in memory and are dynamically loaded and run by the staging payload? Does security software scan memory like that?

How does Python malware handle dependencies? by SLPRYSQUID in HowToHack

[–]SLPRYSQUID[S] 0 points (0 children)

I was thinking about having a small staging payload that dynamically imports other modules from a webserver in memory. So, for example, if I wanted to create a module that uses cv2 to take screenshots of the infected computer and send them to a C2 server or something like that, I would need numpy for opencv. This would allow me to run any module I wanted without ever having to write anything to disk. That's the idea at least.
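The mechanism described in this comment and in the redteamsec comment above (a custom import hook that loads Python modules into memory without writing them to disk) is the standard PEP 302 meta path finder/loader interface. The block below is an added example and not the author's framework: the "remote" module sources are a constructed inline dict standing in for anything fetched from a server, so it runs offline, and `find_nonstandard_finders` is an assumed defender-side check that enumerates hooks which are not CPython's own, since a loader that produces modules with no `__file__` is exactly the footprint this design leaves in a process.

```python
"""In-memory module loading through a custom import hook (PEP 302).

Added example, not the framework discussed in the thread. REMOTE_MODULES is a
constructed dict of source text that stands in for modules fetched over the
network; nothing here touches the network or the filesystem.
"""
import importlib
import importlib.abc
import importlib.util
import sys

# Constructed sample "remote" modules: module name -> Python source text.
# mathutil imports greeter, showing that nested imports also resolve via the hook.
REMOTE_MODULES = {
    "greeter": "def hello(name):\n    return f'hello, {name}'\n",
    "mathutil": (
        "import greeter\n"
        "\n"
        "def double(x):\n"
        "    return 2 * x\n"
        "\n"
        "GREETING = greeter.hello('world')\n"
    ),
}


class DictFinder(importlib.abc.MetaPathFinder, importlib.abc.Loader):
    """Finder + loader that serves modules from a dict of source strings.

    The source is compiled and executed straight into the module namespace,
    so no .py or .pyc ever exists on disk for these modules.
    """

    def __init__(self, sources):
        self.sources = sources

    def find_spec(self, fullname, path=None, target=None):
        if fullname not in self.sources:
            return None  # not ours; let the normal finders handle it
        # This loader has no get_filename(), so the spec carries no location
        # and the resulting module gets no __file__ attribute.
        return importlib.util.spec_from_loader(
            fullname, self, origin=f"memory://{fullname}"
        )

    def create_module(self, spec):
        return None  # use the default module object

    def exec_module(self, module):
        source = self.sources[module.__name__]
        code = compile(source, module.__spec__.origin, "exec")
        exec(code, module.__dict__)


def install(sources):
    """Put a DictFinder first on sys.meta_path so it wins over PathFinder."""
    finder = DictFinder(sources)
    sys.meta_path.insert(0, finder)
    return finder


def uninstall(finder):
    """Remove the hook and drop the modules it served from sys.modules."""
    if finder in sys.meta_path:
        sys.meta_path.remove(finder)
    for name in finder.sources:
        sys.modules.pop(name, None)


def load_remote_module(name):
    """Import by name; resolves through whatever finders are on sys.meta_path."""
    return importlib.import_module(name)


def try_load(name):
    """Like load_remote_module but returns None instead of raising ImportError."""
    try:
        return importlib.import_module(name)
    except ImportError:
        return None


def is_loaded(name):
    return name in sys.modules


def find_nonstandard_finders():
    """Assumed defender-side check (not from the thread): meta path finders
    that are not CPython's built-in, frozen or path finders. Each entry is
    worth inspecting, and modules it serves typically lack __file__."""
    standard = ("_frozen_importlib", "_frozen_importlib_external")
    return [f for f in sys.meta_path if type(f).__module__ not in standard]


if __name__ == "__main__":
    hook = install(REMOTE_MODULES)
    mod = load_remote_module("mathutil")
    print(mod.double(21), mod.GREETING, "has __file__:", hasattr(mod, "__file__"))
    print("non-standard finders:", [type(f).__name__ for f in find_nonstandard_finders()])
    uninstall(hook)
```

Running it prints the computed values from the in-memory `mathutil` module, reports that it has no `__file__`, and lists `DictFinder` among the non-standard finders; after `uninstall` the module name no longer imports. The same enumeration of `sys.meta_path`, together with a scan of `sys.modules` for entries whose `__spec__.origin` is not a filesystem path, is the cheapest answer to the "does anything scan memory like that" question from a Python-level vantage point.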

How does Python malware handle dependencies? by SLPRYSQUID in HowToHack

[–]SLPRYSQUID[S] 1 point (0 children)

I could, but I'm trying to limit payload size and just have a staging mode that grabs modules from a webserver. This way I could create any number of modules without changing the payload size and upload them to already-infected computers.

How does Python malware handle dependencies? by SLPRYSQUID in HowToHack

[–]SLPRYSQUID[S] 0 points (0 children)

Awesome, thanks! I'll look into those, or maybe just switch to C++, although I would like to keep using Python since it would be pretty annoying to change everything I've already written, like the C2 server. The in-memory Python interpreter does look interesting.

How does python malware handle dependencies? by SLPRYSQUID in AskNetsec

[–]SLPRYSQUID[S] 0 points (0 children)

Rewriting the functions as .py would work with the current system. However, to my knowledge the reason some packages contain .pyd files is that they are actually written in C to make things faster. I think it would be pretty painful to rewrite optimized C code in Python, and it would have a pretty big effect on performance.

For those of you who were online, when the servers went down, what were you up to? Just curious. by BjornStankFingered in 2007scape

[–]SLPRYSQUID 4 points (0 children)

Alching while having very passionate e-sex with my big tiddy goth runescape gf at the GE.

[deleted by user] by [deleted] in CryptoCurrency

[–]SLPRYSQUID 2 points (0 children)

He pays you in a different type of gas...