'python' 태그의 글 목록

python

Trojan using Git hub 2016.03.30
Beautiful KiWi with Python and OpenCV 2016.03.17
ICMP Decoding with Python 2016.03.16

Trojan using Git hub

2016. 3. 30. 01:36

from Black Hat Python

Git Hub Command and Control

Following code can be changed to EXE file format with py2exe tool for window.

http://www.py2exe.org/

[+] start code [-] end code

Example of running the trojan code from client

python git_trojan.py
[*] get_trojan_config
[*] get_file_contents
[*] connect_to_github
[*] Found file abc.json
[*] Attempting to retrieve dirlister
[*] get_file_contents
[*] connect_to_github
[*] Found file modules/dirlister
[*] Attempting to retrieve environment
[*] get_file_contents
[*] connect_to_github
[*] Found file modules/environment
[*] module_runner
[*] In dirlister module.
[*] store_module_result
[*] connect_to_github
[*] module_runner
[*] In environment module.
[*] store_module_result
[*] connect_to_github

The client script will upload the result to git server. And it can be checked with following git commands.

kjpark@kjpark-F9SG:~/code/PracticeAlgorithm/chapter7$ cd data
kjpark@kjpark-F9SG:~/code/PracticeAlgorithm/chapter7/data$ git pull origin master
remote: Counting objects: 10, done.
remote: Compressing objects: 100% (9/9), done.
remote: Total 10 (delta 0), reused 0 (delta 0), pack-reused 0
Unpacking objects: 100% (10/10), done.
From https://github.com/sedew810225/chapter7
* branch master -> FETCH_HEAD
c432f2c..d29f1cf master -> origin/master
Updating c432f2c..d29f1cf
Fast-forward
data/abc/60121.data | 1 +
data/abc/85593.data | 1 +
2 files changed, 2 insertions(+)
create mode 100644 data/abc/60121.data
create mode 100644 data/abc/85593.data

Because the data has been encoded for base64 format, you can simply decode it as following.

kjpark@kjpark-F9SG:~/code/PracticeAlgorithm/chapter7/data$ base64 abc/60121.data
ZXlkTVExOU9WVTFGVWtsREp6b2dKMnR2WDB0U0xsVlVSaTA0Snl3Z0oxZEpUa1JQVjBsRUp6b2dK
ek01T0RRMU9EazRKeXdnSjAxQlRrUkJWRTlTV1Y5UVFWUklKem9nSnk5MWMzSXZjMmhoY21Vdloy
TnZibVl2WjI1dmJXVXViV0Z1WkdGMGIzSjVMbkJoZEdnbkxDQW5XRVJIWDBkU1JVVlVSVkpmUkVG
VVFWOUVTVkluT2lBbkwzWmhjaTlzYVdJdmJHbG5hSFJrYlMxa1lYUmhMMnRxY0dGeWF5Y3NJQ2RI
VGs5TlJWOUVSVk5MVkU5UVgxTkZVMU5KVDA1ZlNVUW5PaUFuZEdocGN5MXBjeTFrWlhCeVpXTmhk
R1ZrSnl3Z0owZEtVMTlFUlVKVlIxOVBWVlJRVlZRbk9pQW5jM1JrWlhKeUp5d2dKMHhGVTFOUFVF
Vk9Kem9nSjN3Z0wzVnpjaTlpYVc0dmJHVnpjM0JwY0dVZ0pYTW5MQ0FuV0VSSFgxWlVUbEluT2lB
bk55Y3NJQ2RSVkY5SlRWOU5UMFJWVEVVbk9pQW5hV0oxY3ljc0lDZE1UMGRPUVUxRkp6b2dKMnRx
Y0dGeWF5Y3NJQ2RWVTBWU0p6b2dK ....
alBUQXdPek0yT2lvdWIyZG5QVEF3T3pNMk9pb3VjbUU5TURBN016WTZLaTUzWVhZOU1EQTdNelk2
S2k1aGVHRTlNREE3TXpZNktpNXZaMkU5TURBN016WTZLaTV6Y0hnOU1EQTdNelk2S2k1NGMzQm1Q
VEF3T3pNMk9pY3NJQ2RIU2xOZlJFVkNWVWRmVkU5UVNVTlRKem9nSjBwVElFVlNVazlTTzBwVElF
eFBSeWNzSUNkWVJFZGZVMFZCVkNjNklDZHpaV0YwTUNkOQ==

kjpark@kjpark-F9SG:~/code/PracticeAlgorithm/chapter7/data$ base64 -d abc/60121.data
{'LC_NUMERIC': 'ko_KR.UTF-8', 'WINDOWID': '39845898', 'MANDATORY_PATH': '/usr/share/gconf/gnome.mandatory.path', 'XDG_GREETER_DATA_DIR': '/var/lib/lightdm-data/kjpark', 'GNOME_DESKTOP_SESSION_ID': 'this-is-deprecated', 'GJS_DEBUG_OUTPUT': 'stderr', 'LESSOPEN': '| /usr/bin/lesspipe %s', 'XDG_VTNR': '7', 'QT_IM_MODULE': 'ibus', 'LOGNAME': 'kjpark', 'USER': 'kjpark', 'PATH': '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games', 'LC_PAPER': 'ko_KR.UTF-8', 'GNOME_KEYRING_CONTROL': '', 'GTK_IM_MODULE': 'ibus', 'DISPLAY': ':0', 'LANG': 'ko_KR.UTF-8', 'TERM': 'xterm-256color', 'SHELL': '/bin/bash', 'XDG_SESSION_PATH': '/org/freedesktop/DisplayManager/Session0', 'XAUTHORITY': '/home/kjpark/.Xauthority', 'LANGUAGE': 'ko:en_US:en', 'SESSION_MANAGER': 'local/kjpark-F9SG:@/tmp
...
ob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.m4a=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.axa=00;36:*.oga=00;36:*.spx=00;36:*.xspf=00;36:', 'GJS_DEBUG_TOPICS': 'JS ERROR;JS LOG', 'XDG_SEAT': 'seat0'}kjpark@kjpar

저작자표시 비영리 변경금지

'Security&Encryption > Black Hat' 카테고리의 다른 글

Windows Debugger with PyDev (0)	2016.06.29
CPU registers and dis-assemble of Python (0)	2016.06.29
Pydev on Eclipse (0)	2016.06.28
ICMP Decoding with Python (0)	2016.03.16

Beautiful KiWi with Python and OpenCV

2016. 3. 17. 17:11

Next step for Tiny Project is about image processing to recognize KiWi characteristic.

1. recognize a KiWi from a still image

2. Extract the characteristic like aspect ratio, size, and shape as a ideal good product

3. Calculate a score from the data

OpenCV and Python have already provided a simple way for image processing.

1. Make a image blur
2. change the color space to gray
3. extract object based on threshold
4. extract contours
5. decide a biggest object from contours set

6. Extract the characteristics

Script result

root@kjpark-F9SG:/home/kjpark/code/Python/imageprocessing# python outline.py
Peri : 1950
Peri : 332
solidity 0.993691436532
virtual ellipse
((346.2395935058594, 585.294677734375), (539.5545043945312, 630.1558837890625), 161.14199829101562)
((346.4705810546875, 592.38232421875), (539.6417846679688, 621.376220703125), -14.03624439239502)
virtual box
[[160 959]
[ 9 356]
[532 225]
[683 828]]
aspect ratio
0.918367346939

Examplel of Image Processing

Example Python Source code

https://bitbucket.org/ThereSedew99/codes/raw/48c87ac2b77b9b6adb58dffa9f5724a54341b78c/Python/imageprocessing/outline.py

<span style="font-family: Verdana; font-size: 11pt;">import numpy as np
import cv2 
from matplotlib import pyplot as plt

filename = "k1.jpg"

img_ori = cv2.imread(filename) 
img_Blur = cv2.medianBlur(img_ori, 15)
#img_BW = cv2.GaussianBlur(img_ori, (5,5), 0)
img_BW = cv2.cvtColor(img_Blur, cv2.COLOR_BGR2GRAY)

ret,thresh1 = cv2.threshold(img_BW,215,255,1) 
#ret,thresh1 = cv2.threshold(img_BW,0,255,cv2.THRESH_BINARY+cv2.THRESH_OTSU)

#square image kernel used for erosion
kernel = np.ones((5,5),np.uint8) 
erosion = cv2.erode(thresh1, kernel,iterations = 2) 
edges = cv2.Canny(erosion, 10,250)

#refines all edges in the binary image
#opening = cv2.morphologyEx(erosion, cv2.MORPH_OPEN, kernel)
#this is for further removing small noises and holes in the image
closing = cv2.morphologyEx(edges, cv2.MORPH_CLOSE, kernel)

#find contours with simple approximation
_, contours, hierarchy = cv2.findContours(closing,cv2.RETR_EXTERNAL,cv2.CHAIN_APPROX_SIMPLE) 
#_, contours, hierarchy = cv2.findContours(opening,cv2.RETR_TREE,cv2.CHAIN_APPROX_SIMPLE)

areas = [] 
#list to hold all areas

for contour in contours:
  ar = cv2.contourArea(contour)
  peri = cv2.arcLength(contour, True)
  approx = cv2.approxPolyDP(contour, 0.02*peri, True)
  print "Peri : %d " % (peri)
  cv2.drawContours(img_ori, [approx], -1, (0, 255, 0), 2)
  areas.append(ar)

#index of the list element with largest area
max_area = max(areas)
max_area_index = areas.index(max_area)

#largest area contour
cnt = contours[max_area_index] 
cv2.drawContours(img_ori, [cnt], -1, (255, 0, 0), 3, maxLevel = 0)

images = [img_BW, erosion, edges, closing]
titles = ["original", "erosion", "edges", "Contour" ]

#for i in xrange(4):
#	plt.subplot(2,2,i+1)
#	plt.imshow(images[i], 'gray')
#    	plt.title(titles[i])
#    	plt.xticks([]),plt.yticks([])
#plt.show()

area = cv2.contourArea(cnt)
hull = cv2.convexHull(cnt)
hull_area = cv2.contourArea(hull)
solidity = float(area)/hull_area
print "solidity %s" % solidity

M = cv2.moments(cnt)
cX = int(M["m10"] / M["m00"])
cY = int(M["m01"] / M["m00"])
cv2.circle(img_ori, (cX, cY), 7, (255, 255, 255), -1)
cv2.putText(img_ori, "center", (cX - 20, cY - 20), cv2.FONT_HERSHEY_SIMPLEX, 0.5, (255, 255, 255), 2)

ellipse = cv2.fitEllipse(cnt)
img = cv2.ellipse(img_ori, ellipse, (0,0,255),2)
print "virtual ellipse"
print ellipse

rect = cv2.minAreaRect(cnt)
print rect 
box = cv2.boxPoints(rect)
box = np.int0(box)
im = cv2.drawContours(img_ori, [box], 0, (0,0,255),2)
print "virtual box"
print box

x,y,w,h = cv2.boundingRect(box)
aspect_ratio = float(w)/h
print "aspect ratio"
print aspect_ratio
#img = cv2.rectangle(img_ori,(x,y),(x+w,y+h),(0,255,255),2)

cv2.imshow('cleaner', img)
cv2.waitKey(0)

cv2.imwrite("P_"+filename, img) 
cv2.destroyAllWindows()
</span>

Refernces :

http://embedonix.com/articles/image-processing/installing-opencv-3-1-0-on-ubuntu/

http://opencv-python-tutroals.readthedocs.org/en/latest/py_tutorials/py_imgproc/py_contours/py_contour_properties/py_contour_properties.html

http://pythontips.com/2015/03/11/a-guide-to-finding-books-in-images-using-python-and-opencv/

저작자표시 비영리

'TinyProjects' 카테고리의 다른 글

Android \| studio 4.2.1 library 안 맞는 문제 (0)	2021.06.19
Using WebCam with Syntek driver from Ubuntu (0)	2016.03.22
LCD1602 모듈과 아두이노 (0)	2016.03.13
HC-SR04 초음파 센서와 아두이노 (1)	2016.03.11
SEN0018 적외선 감지 센서 (0)	2016.03.10

ICMP Decoding with Python

2016. 3. 16. 17:44

Socket Class from Python

https://docs.python.org/2/library/socket.html

Address Family

AF_UNIX address family : a single string
AF_INET address family : (host, port)
AF_INET6 address family : (host, port, flowinfo, scopeid)
AF_NETLINK socket : (pid, groups)
AF_TIPC address family : (addr_type, v1, v2, v3 [, scope])

non-IP based networked protocol designed for use in clustered computer environments

Socket Type

socket.SOCK_STREAM :
socket.SOCK_DGRAM :
socket.SOCK_RAW :
socket.SOCK_RDM :
socket.SOCK_SEQPACKET :

IP header & ICMP message

Scanning Example from 'Black Hat Python'

1. Create socket

2. Bind

3. ioctl

import socket

import os
import struct
from ctypes import *
import threading
import time
from netaddr import IPNetwork, IPAddress

host = "172.20.10.4"
subnet = "172.20.10.0/24"

magic_message = "PYTHONRULES!"

def udp_sender(subnet, magic_message):
    time.sleep(3)
    print "UDP sender thread"
    sender = socket.socket (socket.AF_INET, socket.SOCK_DGRAM)

for ip in IPNetwork(subnet):
        try :
            sender.sendto(magic_message, ("%s" % ip, 65212))
        except :
            pass

def parseICMPtype(in_type):
    if in_type == 0 :
        retStr = "Echo Reply"
    elif in_type == 3 :
        retStr = "Destination unreachable"
    elif in_type == 4 :
        retStr = "Source quench"
    elif in_type == 11 :
        retStr = "Time exceeded"
    elif in_type == 31 :
        retStr = "Conversation error"

return retStr

class IP(Structure) :
    _fields_ = [
        ("ihl",        c_ubyte, 4),
        ("version",     c_ubyte, 4),
        ("tos",        c_ubyte),
        ("len",     c_ushort),
        ("id",         c_ushort),
        ("offset",     c_ushort),
        ("ttl",     c_ubyte),
        ("protocol_num", c_ubyte),
        ("sum",     c_ushort),
        ("src",     c_ulong),
        ("dst",     c_ulong)
    ]

def __new__(self, socket_buffer=None) :
        return self.from_buffer_copy(socket_buffer)

def __init__(self, socket_buffer=None) :
        self.protocol_map = {1:"ICMP", 6:"TCP", 17:"UDP"}
        self.src_address = socket.inet_ntoa(struct.pack("<L",self.src))
        self.dst_address = socket.inet_ntoa(struct.pack("<L",self.dst))

try :
            self.protocol = self.protocol_map[self.protocol_num]
        except :
            self.protocol = str(self.protocol_num)

class ICMP(Structure):
    _fields_ = [
        ("type",         c_ubyte),
        ("code",        c_ubyte),
        ("checksum",        c_ushort),
        ("unused",        c_ushort),
        ("next_hop_mtu",    c_ushort)
    ]

def __new__ ( self, socket_buffer ):
        return self.from_buffer_copy(socket_buffer)

def __init__( self, socket_buffer ):
        pass

if os.name == "nt":
    socket_protocol = socket.IPPROTO_IP
else :
    socket_protocol = socket.IPPROTO_ICMP

# create a raw socket and bind it to the public interface
sniffer = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket_protocol)
sniffer.bind( (host, 0) )

# include IP headers
sniffer.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)

if os.name == "nt":
    # receive all packages
    sniffer.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)

t = threading.Thread(target=udp_sender, args=(subnet,magic_message))
t.start()
print "Thread has started"

try :
    while True:
        # receive a package
        raw_buffer = sniffer.recvfrom(65565)[0]

ip_header = IP(raw_buffer[0:20])

print "Protocol: %s %s -> %s" % (ip_header.protocol, ip_header.src_address, ip_header.dst_address)
        
        if ip_header.protocol == "ICMP" :
            offset = ip_header.ihl * 4
            buf = raw_buffer[offset:offset + sizeof(ICMP)]
            icmp_header = ICMP(buf)
            strType = parseICMPtype(icmp_header.type)
            print "ICMP -> Type : %s Code : %d" % ( strType , icmp_header.code)

if icmp_header.code == 3 and icmp_header.type == 3 :
            if IPAddress(ip_header.src_address) in IPNetwork(subnet):
                if raw_buffer[len(raw_buffer)-len(magic_message):] == magic_message :
                    print "Host Up: %s" % ip_header.src_address

except KeyboardInterrupt :
    if os.name == "nt":
        # disabled promiscuous mode
        sniffer.ioctl(socket.SIO_RCVALL, socket,RCVALL_OFF)
    print "sniff end"
</SPAN>

pip install netaddr

python scanner.py
Traceback (most recent call last):
File "scanner.py", line 7, in <module>
from netaddr import IPNetwork, IPAddress
ImportError: No module named netaddr

References :

http://www.kalitutorials.net/2014/04/denial-of-service-methods-icmp-syn.html

저작자표시 비영리

'Security&Encryption > Black Hat' 카테고리의 다른 글

Windows Debugger with PyDev (0)	2016.06.29
CPU registers and dis-assemble of Python (0)	2016.06.29
Pydev on Eclipse (0)	2016.06.28
Trojan using Git hub (0)	2016.03.30

PREV 1 NEXT

DailyBread

python

Trojan using Git hub

'Security&Encryption > Black Hat' 카테고리의 다른 글

Beautiful KiWi with Python and OpenCV

'TinyProjects' 카테고리의 다른 글

ICMP Decoding with Python

'Security&Encryption > Black Hat' 카테고리의 다른 글

+ Recent posts

티스토리툴바