add pyminifier

2017-12-27 20:47:18 -07:00 · 2017-12-27 20:47:18 -07:00 · c9332c3dac
parent 1781f20856
commit c9332c3dac
5 changed files with 59 additions and 5 deletions
--- a/lib/common/helpers.py
+++ b/lib/common/helpers.py
@ -173,7 +173,6 @@ def strip_python_comments(data):
    Strip block comments, line comments, empty lines, verbose statements,
    and debug statements from a Python source file.
    """
-    # TODO: implement pyminifier functionality
    print color("[!] strip_python_comments is deprecated and should not be used")
    lines = data.split("\n")
    strippedLines = [line for line in lines if ((not line.strip().startswith("#")) and (line.strip() != ''))]
@ -547,7 +546,7 @@ def get_config(fields):
    conn.isolation_level = None

    cur = conn.cursor()
-    
+
    # Check if there is a new field not in the database
    columns = [i[1] for i in cur.execute('PRAGMA table_info(config)')]
    for field in fields.split(','):
--- a/lib/common/obfuscation.py
+++ b/lib/common/obfuscation.py
@ -0,0 +1,52 @@
+""" Contains methods to encrypt, obfuscate, minify, etc. source code, either
+Python or Powershell, for use in agents, stagers, etc.
+
+In essence: you should be able to put Python or Powershell code strings into
+any function in this file, and get back a string which has the same
+functionality but different meta-characteristics (no comments, shorter length,
+better evasion, etc.)
+"""
+
+from pyminifier import token_utils as py_tokenizer
+from pyminifier import minification as py_minifier
+from pyminifier import obfuscate as py_obfuscator
+
+################################################################################
+#
+# Python Encryption/Obfuscation/Minification/Etc.
+#
+################################################################################
+
+class PyminifierOptions(object):
+    """
+    Irritating options "struct" needed for pyminifier.
+    See: https://liftoff.github.io/pyminifier/_modules/pyminifier/minification.html#minify
+    """
+    tabs = False
+
+def py_minify(code):
+    """
+    minifies a string (of python code) passed
+    see: https://liftoff.github.io/pyminifier/_modules/pyminifier/minification.html#minify
+    """
+    tokenized = py_tokenizer.listified_tokenizer(code)
+
+    options = PyminifierOptions()
+    minified = py_minifier.minify(tokenized, options)
+    return minified
+
+# TODO py_obfuscate fails with the following:
+#   File "/usr/lib/python2.7/site-packages/pyminifier/obfuscate.py", line 92, in apply_obfuscation
+#     tokens, obfuscate_variable, variable, name_generator)
+# TypeError: replace_obfuscatables() takes at least 5 arguments (4 given)
+
+# def py_obfuscate(code):
+#     py_obfuscator.name_generator = py_obfuscator.obfuscation_machine(identifier_length=1)
+#     return py_obfuscator.apply_obfuscation(code)
+
+
+################################################################################
+#
+# Powershell Encryption/Obfuscation/Minification/Etc.
+#
+################################################################################
--- a/lib/listeners/dbx.py
+++ b/lib/listeners/dbx.py
@ -15,6 +15,7 @@ from lib.common import encryption
 from lib.common import packets
 from lib.common import messages
 from lib.common import templating
+from lib.common import obfuscation


 class Listener:
@ -443,7 +444,7 @@ class Listener:
                    }

            stager = template.render(template_options)
-            # TODO compress, minify, etc. with https://liftoff.github.io/pyminifier/
+            stager = obfuscation.py_minify(stager)

            if encode:
                return base64.b64encode(stager)
--- a/lib/listeners/http.py
+++ b/lib/listeners/http.py
@ -15,6 +15,7 @@ from lib.common import encryption
 from lib.common import packets
 from lib.common import messages
 from lib.common import templating
+from lib.common import obfuscation


 class Listener:
@ -534,7 +535,7 @@ class Listener:
                    }

            stager = template.render(template_options)
-            # TODO compress, minify, etc. with https://liftoff.github.io/pyminifier/
+            stager = obfuscation.py_minify(stager)

            # base64 encode the stager and return it
            if encode:
@ -827,7 +828,7 @@ def send_message(packets=None):
                return launcher
            else:
                return make_response(self.default_response(), 200)
-        
+
        @app.before_request
        def check_ip():
            """
--- a/setup/requirements.txt
+++ b/setup/requirements.txt
@ -12,3 +12,4 @@ netifaces
 M2Crypto
 jinja2
 cryptography
+pyminifier==2.1