Hello all again!
It’s been a while since the Python package for creating backdoors thingie, and all that time I have been researching a way to properly create a stager for a Python backdoor script that has dependencies.
*You know stagers! The lil’ things that set the stage for the real thing to run.
So, after 2 weeks of research and vacation, I came up with the httpimport module.
What does it do?
The httpimport module lets anyone import Python packages/modules from HTTP/S servers that serve directories.
For example, if you open a SimpleHTTPServer in a directory where a Python module/package resides, then this module/package is directly importable over the LAN by any computer that runs Python.
The (good) catch!
This technique is very different from wgetting a folder, adding it to the PYTHONPATH, and importing: NO DATA IS WRITTEN TO DISK! It imports Python code directly into the memory of the calling Python process. Suitable for a stager!
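Because nothing is written to disk, the only trace of such an import is inside the running interpreter: a module in sys.modules whose spec points at no real file, and a custom finder on sys.meta_path. The following audit code is an added example written for this post from the defender's side; it is not part of httpimport and does not fetch anything. The helper _load_constructed_memory_module is a constructed test fixture that builds a module from a source string, which is what any memory-only importer leaves behind, so the audit can be exercised offline.

```python
import importlib
import importlib.machinery
import os
import sys
import types


def _path_or_archive_exists(path):
    """True if the path exists, or if some ancestor of it is a file
    (zipimport origins look like '/site-packages/archive.zip/pkg/mod.py')."""
    if os.path.exists(path):
        return True
    parent = os.path.dirname(path)
    while parent and parent != path:
        if os.path.isfile(parent):
            return True
        path, parent = parent, os.path.dirname(parent)
    return False


def module_origin_kind(mod):
    """Classify where an imported module's code came from, using only its spec."""
    spec = getattr(mod, "__spec__", None)
    if spec is None:
        return "no-spec"          # inserted into sys.modules by hand
    if spec.origin in ("built-in", "frozen"):
        return "interpreter"
    if spec.origin is None:
        if spec.submodule_search_locations is not None:
            return "namespace-package"
        return "in-memory"
    if _path_or_archive_exists(spec.origin):
        return "on-disk"
    return "in-memory"            # origin is a URL, a placeholder, or a vanished file


def classify_module_by_name(name):
    """Import (or look up) a module by name and classify its origin."""
    return module_origin_kind(importlib.import_module(name))


def find_memory_only_modules(modules=None):
    """Return {name: kind} for loaded modules whose code has no on-disk backing."""
    modules = sys.modules if modules is None else modules
    flagged = {}
    for name, mod in list(modules.items()):
        if name == "__main__" or not isinstance(mod, types.ModuleType):
            continue
        kind = module_origin_kind(mod)
        if kind in ("in-memory", "no-spec"):
            flagged[name] = kind
    return flagged


def find_foreign_import_hooks():
    """Dotted class names of sys.meta_path finders not provided by the interpreter.
    A custom finder is the hook through which non-filesystem imports are served."""
    own = ("importlib", "_frozen_importlib", "_frozen_importlib_external", "zipimport")
    names = []
    for finder in sys.meta_path:
        # the stock finders are registered as classes, third-party ones usually as instances
        cls = finder if isinstance(finder, type) else type(finder)
        if not cls.__module__.startswith(own):
            names.append(cls.__module__ + "." + cls.__name__)
    return names


def _load_constructed_memory_module(name, source):
    """Constructed test fixture: build a module from a source string without
    touching disk, mimicking what a memory-only importer leaves in sys.modules."""
    mod = types.ModuleType(name)
    mod.__spec__ = importlib.machinery.ModuleSpec(name, loader=None, origin=None)
    exec(compile(source, "<memory:%s>" % name, "exec"), mod.__dict__)
    sys.modules[name] = mod
    return mod


if __name__ == "__main__":
    _load_constructed_memory_module("constructed_mem_demo", "def answer():\n    return 42\n")
    print("memory-only modules:", find_memory_only_modules())
    print("foreign import hooks:", find_foreign_import_hooks())
```

In an incident-response context this is the kind of check you run from a debugger or a post-mortem hook inside the suspect process; the same logic can be applied to a memory dump by walking sys.modules there. Expect some benign hits (test runners and packaging shims install their own finders), so treat the output as a lead, not a verdict.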
README.md has many examples, and the unit test code in test.py is self-explanatory; they can be found in the Github Repository.
Importing support
Import the covertutils package to make your backdoor today just by:
>>> from httpimport import *
>>> with github_repo('operatorequals', 'covertutils'):
...     import covertutils
...
>>>
No need to git clone or venv a thing. When you close the REPL, the covertutils package will be nowhere to be found!
Want a specific commit? Does the API break your application after that commit? No problem!
>>> from httpimport import *
>>> with github_repo('operatorequals', 'covertutils', commit='cf3f78c77c437edf2c291bd5b4ed27e0a93e6a77'):
...     import covertutils
...
>>>
Make it yours at PyPI
As this module is more a (long-craved) Python feature than a little stager script, it has also been uploaded to PyPI for everyone to pip install httpimport.
Last but not least, this is a Python 2/3 cross-compatible module, with a cross-compatible test suite to suit all needs!
Tried for a PEP and rejected
I have also proposed on the Python-Ideas mailing list to polish this module and make it a core stdlib feature, but it was rejected because the security implications are huge (the HTTP MiTM RCE scenario scared them a lot, and for good reasons!).
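The MiTM concern is worth spelling out: a commit pin like the one above says which code you intend to run, but over plain HTTP the bytes that actually arrive are chosen by whoever sits on the path, and they are executed as-is. The code below is an added example written for this post, not part of httpimport or its API; it shows the two controls that close that gap, refusing non-TLS transport and comparing the fetched source against a SHA-256 pin recorded out of band before compiling it. The URL, module name and both source strings are constructed sample data, and nothing is fetched from the network.

```python
import hashlib
import hmac
import types
from urllib.parse import urlparse


class IntegrityError(Exception):
    """Raised when fetched source fails the transport or hash check."""


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def transport_is_protected(url):
    """Plain http:// hands an on-path attacker the bytes you will execute;
    only https:// (with certificate validation) ties them to the intended server."""
    return urlparse(url).scheme.lower() == "https"


def load_verified_source(name, url, source_bytes, expected_sha256):
    """Execute module source only if it came over TLS and its SHA-256 equals a
    pin recorded when the code was reviewed. The pin must be stored somewhere
    other than the download itself, or the comparison verifies nothing."""
    scheme = urlparse(url).scheme
    if not transport_is_protected(url):
        raise IntegrityError("refusing to execute code fetched over %r" % scheme)
    actual = sha256_hex(source_bytes)
    # constant-time compare: not strictly needed for a public hash, but it is
    # the habit to keep for any security-relevant string comparison
    if not hmac.compare_digest(actual, expected_sha256):
        raise IntegrityError("hash mismatch for %s: expected %s, got %s"
                             % (name, expected_sha256, actual))
    mod = types.ModuleType(name)
    exec(compile(source_bytes, "<verified:%s>" % name, "exec"), mod.__dict__)
    return mod


# Constructed sample data: the reviewed module, and a tampered copy such as an
# on-path attacker could substitute for it during an unprotected download.
PINNED_SOURCE = b"def greet():\n    return 'hello from the pinned source'\n"
PINNED_SHA256 = sha256_hex(PINNED_SOURCE)   # in practice: kept in your own repo or config
TAMPERED_SOURCE = b"def greet():\n    return 'hello from the middle of the network'\n"
SAMPLE_URL = "https://example.invalid/covertutils/__init__.py"   # constructed, never contacted


if __name__ == "__main__":
    ok = load_verified_source("pinned_demo", SAMPLE_URL, PINNED_SOURCE, PINNED_SHA256)
    print("verified module says:", ok.greet())
    for label, src, url in [("tampered bytes", TAMPERED_SOURCE, SAMPLE_URL),
                            ("plain http", PINNED_SOURCE, SAMPLE_URL.replace("https", "http", 1))]:
        try:
            load_verified_source("pinned_demo", url, src, PINNED_SHA256)
        except IntegrityError as exc:
            print("%s rejected: %s" % (label, exc))
```

The pin has to travel with your own code (a lockfile, a config value, a constant reviewed in your repository), never alongside the artifact it protects; a hash served from the same unauthenticated location as the source is just a second thing the attacker gets to rewrite. Remote code execution is still the point of the mechanism, so these checks reduce "anyone on the path runs code in my process" to "the party holding the pinned source does", which is the most that a loader of this kind can honestly promise.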