A forum for reverse engineering, OS internals and malware analysis 

Forum for announcements and questions about tools and software.
 #21330  by ViRii
 Mon Nov 04, 2013 10:24 am
This script listens on any local port (chosen by the user), over the TCP/UDP protocol, and prints all received data to the screen/file (default: sinkhole.txt).
Something like "netcat -lvp", but this can be customized to interact with malware.
Code:
"""
http://virii.tk
Python 2.7
  Usage license:
1. free for free people
2. provided "AS IS", without a warranty of any kind, use at your own risk
  Usage license:
1. this script may be used free of charge by any person, strictly for personal purposes (NO money involved)
2. use of this script is at your own risk, no warranty of any kind is granted
"""
import socket
import sys
 
port = 99  # listening port
protocol = "TCP" #TCP / UDP
welcome = "Welcome to Sinkhole\n"
fisieroutput = "sinkhole.txt" # file where received data will go
 
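data = "neinteresant"  # non-empty placeholder so the TCP receive loop starts
def printtofile(text):
  # Append the received data to the output file; "with" closes the file.
  with open(fisieroutput, "a") as sinkhole:
    print >>sinkhole, text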
 
if protocol == "TCP":
  tcpSocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  tcpSocket.bind(("0.0.0.0", port))
  tcpSocket.listen(1)
  (client,(ip, sock)) = tcpSocket.accept()
  client.send(welcome)
  while len(data):
    try:
      data = client.recv(2048) #2048 =buffer data 
      print data,
      printtofile(data)
    except:
      break
elif protocol == "UDP":
  udpSocket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
  udpSocket.bind(("0.0.0.0", port))
  while True:
    data, addr = udpSocket.recvfrom(2048) #2048 =received data buffer 
    udpSocket.sendto("Sinkhole zice: Multumesc!\n",addr)
    print data,
    printtofile(data)
 
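# Close whichever sockets were opened for the selected protocol.
try:
  if protocol == "TCP":
    client.close()
    tcpSocket.close()
  else:
    udpSocket.close()
except (NameError, socket.error):
  pass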
sys.exit()
http://virii.tk/python-local-sinkhole/
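
An added example, not part of the original post or the poster's script: a Python 3 variant of the TCP branch that logs each received chunk as one timestamped, hex-encoded line, so control bytes sent by a sample are never echoed raw to the terminal or log. The function names, the 1 MiB cap, the 30 second idle timeout, the loopback bind address and port 9999 are assumptions made for this example.

```python
# Added example (Python 3); names, limits and the port below are assumptions.
import socket
import time

MAX_BYTES = 1 << 20      # assumed cap per connection so a peer cannot fill the disk
IDLE_TIMEOUT = 30.0      # assumed idle timeout in seconds


def format_record(peer, data, now=None):
    """One log line per chunk: UTC time, peer, length, hex payload, printable preview."""
    stamp = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime(now))
    # Control and non-ASCII bytes become '.', so escape sequences are never echoed.
    preview = "".join(chr(b) if 32 <= b < 127 else "." for b in data)
    return "%s %s:%d len=%d hex=%s ascii=%s" % (
        stamp, peer[0], peer[1], len(data), data.hex(), preview)


def drain(conn, peer, sink, max_bytes=MAX_BYTES, timeout=IDLE_TIMEOUT):
    """Read until the peer closes, goes idle, or hits the cap; return bytes consumed."""
    conn.settimeout(timeout)
    total = 0
    while total < max_bytes:
        try:
            chunk = conn.recv(min(2048, max_bytes - total))
        except (socket.timeout, ConnectionError):
            break
        if not chunk:          # orderly shutdown by the peer
            break
        total += len(chunk)
        sink.write(format_record(peer, chunk) + "\n")
        sink.flush()
    return total


def serve(port, path="sinkhole.txt", bind="127.0.0.1"):
    """Accept TCP connections one at a time and log each one to `path`."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv, open(path, "a") as sink:
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind((bind, port))
        srv.listen(5)
        while True:
            conn, peer = srv.accept()
            with conn:
                drain(conn, peer, sink)


if __name__ == "__main__":
    serve(9999)  # constructed port number
```

Unlike the original TCP branch, this keeps accepting new connections after a client disconnects, and the hex field preserves the exact bytes for later analysis.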