Python Script for gathering information of a machine and mailing it to a desired email. Can be used as a payload to monitor Target and gather intel.
Explore the docs »
View Images
·
Report Bug
·
Request Feature
Table of Contents
NOTE - Not to be used to harm others or for malicious activities.
The PySPY project has two parts for two different works :
-
Target Machine Script
- Runs on the target machine
- Contains 9 functions and 1 main function
- Collects System information, screenshots, audio, clipboard data & key-logs
- Responsible for :
- Gathering data
- Encrypting data
- Compressing data
- Mailing data
- Deleting data
-
Attacker Machine Script
- Runs on the user's machine
- One script created to assist the user with the results of Victm Machine script
- Help the user to do it all in console
- Created to assist the user for the following :
- Key generation
- Decryption of Data
- Get zip information
- Unzipping
- Highly and easily customizable as per the requirements
- Additional Script for the user to reduce his work after attack and for key generation
- Encryption and Compression of data
- Mailing to desired mail
- Threading used for better efficiency and quick execution
- Fast , Takes close to 26 seconds to :
- Take 3 screenshots at 2sec interval each
- 3sec of audio
- System information including :
- saved-wifi passwords
- Mac address
- Ip address
- platform & Machine information
- 4 clipboard text at 2sec interval each with timestamp and doesnt copy if duplicate data present
- Keylogs for 10s
- Encrypt it all with key created by the user
- Zip the data
- Mail the zip to the desired mail
- Clear tracks ,all files created are deleted
- Threading
- Os
- Zipfile
- Time
- Platform
- Socket
- Subprocess
- Shutil
NOTE :- TO BE USED FOR EDUCATIONAL PURPOSES ONLY
-
Clone the repo
git clone https://github.com/VENGENCE7/PySPY.git
-
Install Python 3 if not installed and set it up.
-
Install required modules from the Requirements.txt file present in respective script
pip install -r /path/to/requirements.txt
Check if required modules are present and verify with Modules needed using :
pip freeze
For missing modules use:
pip install <module_name>
Setup E-mail for for sending mail to the recipient address.This requires to allow less secure app access on ur mail account.
Refer below for setting up G-mail account so that the Script can access it.
- Turning on 'less secure apps' settings as mailbox user
- Go to your (Google Account).
- On the left navigation panel, click Security.
- On the bottom of the page, in the Less secure app access panel, click Turn on access.
- If you don't see this setting, your administrator might have turned off less secure app account access (check the instruction above).
- Click the Save button.
For other mail accounts look up for the required settings (Less Secure App Access) to be changed for mailing accordingly.
For configure the PySPY Script for being operational and customizing it as per one's needs follow through the instructions below
NOTE : Only edit [ Main.py ] in target machine unless you know what your doing
;) Programs are filled with comments to explain whats goin on :).
Follow :
- Go through the comments of main.py for understanding whats being done
- All the places you need to change are mentioned with +[EDIT and example for how to be changed]+ in the code for ease
- Generate Key using Attacker Script or you can use a separate script too.
- Make sure to save and keep the key safe,it will be needed for decrypting.
All changes needed to be entered are:
- File Path
- Make sure its valid.Do your research on target well ;)
- If path is invalid it will use current directory path too :)
- Key
- Your own key can be entered
- Use the Attacker-Script to generate one.
- Can use the "Key-Generate.py" present in Separate-scripts for individual use folder in the Attacker-Script folder
- Folder-Name
- Choose a unique name inorder to avoid script crash _ -_O _
- Zip File-Name
- File-Names of
- All the Files that are going to be created during execution with proper extensions(its mentioned in the comments and code,read closely)
- Script Execution Settings
- FUll Script Execution time interval AND iterations
- Audio-Recording time
- Clipboard-Copy settings regarding iterations and time interval between each
- Screen-Shots settings regarding iterations and time interval between each
- Mailing Details ,Make sure to use proxy accoount
- From-Address Account
- Password of From address Account
- To-Address can be any valid mail-ID
No Setup required
Its a complimentary Script for PySPY to reduce the attackers work to access and perform operations from a single screen :)
Can create your own Script for your tasks its not mandatory to use this ><
- Just run the Script in powershell or cmd in windows.
- Its interactive
- Choose options as per your needs
- Separate Scripts for each operation in the Script is also available if requried
- Once Configured it can be converted into an executable that can be sent to the Target and trick him to run it .
- Can be used as a Payload to be used on the target machine .
- Can be run as a Script on machines that are compromised .
- Using an anonymous account and recipient account to avoid any connection that can compromise the attacker .
- Can be used to:
- To monitor target
- Gather intel about the target
- Allows to have a variety of data using just a single script
Possible Upgrades
- Application of asymetric encryption or any other complex encyption techniques
- Configuring to create a hidden folder
- Masking its working with additional programs
- Perform other faster compressing techniques
- Clearing logs of tasks
- Creating password protected files
- Record audios at multiple intervals
- Gather additional information of network
- Creating session for Screen share to have direct stream of the target
- Get intel through camera access
- Allows one screen access to all functionality .
- Reduced post-attack work .
- Can be used as a general script for doing unzipping and getting zip info as well to lookout for malicious content .
Possible Upgrades
- To create a systematic way to store all intel according to a order by creating & integrating another Script for storing files accordingly,which can help in scanning and investigating data for any threats .
- For creating complex keys .
- Faster execution of unzipping and decryption .
- Integration of tasks like self zipping and decryption as per the file names(as we mention in target Script)
- Judging a zip to be safe to be unzipped if any anonmalies detected and warm
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement".
- Fork the Project
- Create your Feature Branch (
git checkout -b feature/AmazingFeature) - Commit your Changes (
git commit -m 'Add some AmazingFeature') - Push to the Branch (
git push origin feature/AmazingFeature) - Open a Pull Request
Don't forget to give the project a star! Thanks again!
Distributed under the License. See LICENSE.txt for more information.
Bhavish Anand :- bhavish007anand@gmail.com
Project Link: :- PySPY