Closed LearnerZone closed 7 years ago
Using pyinstaller --noconsole --onefile
fixes the visible window issue but exe
is still not getting copied to the AppData
folder and no startup entries are created with new code from this repo. Ritiek
code complied exe works fine !!!
Found the issue, if hide_folder
is already there from a previous infection it won't execute the initialization steps again and there will be no infection.
Leaving the issue open for others to decide what to do with this issue!, I suggest deleting hide_folder
on self-destruct
so we do not break the RAT on future infection.
A few things:
1) Titles should be self-explanatory.
2) Only one Issue per issue.
3) If you want Ritiek's code feel free to clone old commits.
4) This is a personal project - expect things to break some time or another. I'm not doing this for money. Fix your attitude.
So... If hide_folder
is already on that computer it means this has already been run. Can you elaborate on "future infection"?
Sorry, but my intention was not to offend anyone. Maybe since English is not my main language it might have sounded wrong.
If hide_folder
is not deleted on self_destruct
any future infection will get fail as this condition will not get satisfied if not os.path.exists(hide_folder):
for persistence routine to kick-in.
After compiling the .exe and running it on a test system, it shows me a console window with all the commands. This is a serious bug, everything should be hidden!!!
Also, for some strange reasons
exe
is not getting copied to theAppData
folder and no startup entries are created after I downloaded the latest git version, this worked ok with earlier copy of mine???