GitHub - SafeBreach-Labs/mkmalwarefrom: Proof-of-concept two-stage dropper gener...
source link: https://github.com/SafeBreach-Labs/mkmalwarefrom
mkmalwarefrom
mkmalwarefrom is a proof-of-concept two-stage dropper generator. It was released as part of the Malwares From Thin Bits talk given at the BSidesDFW 2017 conference by Itzik Kotler from SafeBreach Labs.
Slides are available here
Version
0.1.0
Installation
mkmalwarefrom requires Python and was tested with Python 2.7.13.
$ git clone https://github.com/SafeBreach-Labs/mkmalwarefrom.git
$ cd mkmalwarefrom
$ python mkmalwarefrom.py -h
Example: Generating /bin/ls from Yahoo
# assume mkmalwarefrom root directory
$ cat /bin/ls | ./mkmalwarefrom.py -1 http://www.yahoo.com > download_ls.py
$ python download_ls.py > ls2
$ md5 /bin/ls ls2
Example: Generating /usr/bin/nc from /usr/bin/ssh
# assume mkmalwarefrom root directory
$ cat /usr/bin/nc | ./mkmalwarefrom.py -2 /usr/bin/ssh > mk_nc.py
$ python mk_nc.py > nc2
$ md5 /usr/bin/nc nc2
License
BSD 3-Clause