Python-Based Trojan Horse Attack

How to perform a Python-based Trojan Horse Attack

Tommaso De Ponti
May 27 · 4 min read

For those who don’t know yet, a Trojan Horse attack consists of embedding an exploit in an innocent-looking application, or even in a document. As you might have guessed, today we will embed a backdoor into a Kivy-made GUI. This attack is quite simple; the only things you need to know are some Python and networking basics. Let us get started!


The Trojan

How to build?

The Backdoor

Among the many things we can embed in a Trojan Horse, I chose to embed a backdoor. We will be using the one I talked about in this article:

Basically, you can embed everything, but today we’ll embed a backdoor.

The App

This is a key point: we will use the Kivy framework to develop an innocent-looking app but, as the Trojan attack requires, it will contain the malicious backdoor, which we’ll use to gain access to the computer. From then on, you’ll own the target’s computer.

Disclaimer: I am not an experienced developer of graphical apps; I just use them when I need to. So the Trojan we’ll build does not have good graphics; however, you’ll be able to improve it on your own with Kivy’s documentation.

As said in the disclaimer, today we won’t focus on the graphics of the app, which can easily be improved by going to Kivy’s documentation. Rather, we’ll focus on how to embed anything you want (here, a backdoor) in a graphical app.


The Hacker’s Machine

After all this time spent talking about what we will do to own the victim’s machine, let’s talk about the hacker. When we talked about how to send commands to the backdoor to execute them on the victim computer in this article, we built our own tool to do that. But today, we’ll use Netcat.

Just open a Terminal Window and:


Talk is Cheap, Show me the code

~Linus Torvalds

Now it is time to code our Trojan. Basically, we’ll organize it using a function (a malicious one) and a class (the GUI). Such simple code.

Lines 1/2: Imported some Kivy basic modules.

Lines 4/6: Imported the socket and subprocess modules for the backdoor, then the threading module so that both the malicious code and the neutral code (the GUI) can run at the same time.

Lines 9/22: Used the code of the Backdoor Attack in Python article to create a main function that contains the backdoor.

Lines 26/27: Built a simple “Hello World” GUI.

Lines 31/32: Created a thread for the main() function and then started it (mal_thread.start()).

Lines 35/36: Ran the simple GUI.
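From the defender's side, the layout just described (a GUI toolkit imported next to socket and subprocess, with a thread started on a plain function before the app runs) can be flagged statically. The following is an added example, not the article's code: a small `ast`-based scanner in which `GUI_MODULES`, `scan` and the sample script (payload body stubbed out, documentation IP address) are constructed for illustration.

```python
import ast

# Assumption: GUI toolkits worth watching for; extend as needed.
GUI_MODULES = {"kivy", "tkinter", "PyQt5", "PySide6", "wx"}
# The two modules the article's backdoor function relies on.
SHELL_MODULES = {"socket", "subprocess"}

# Constructed sample with the layout described above; the payload body is stubbed out.
SAMPLE = '''
from kivy.app import App
from kivy.uix.label import Label
import socket
import subprocess
import threading

def main():
    s = socket.socket()
    s.connect(("192.0.2.10", 4444))  # documentation address, constructed

class Hello(App):
    def build(self):
        return Label(text="hello world")

mal_thread = threading.Thread(target=main)
mal_thread.start()
Hello().run()
'''

def scan(source):
    """Statically inspect Python source text; nothing is executed."""
    imports, endpoints, thread_targets = set(), [], []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Import):
            imports.update(a.name.split(".")[0] for a in node.names)
        elif isinstance(node, ast.ImportFrom) and node.module:
            imports.add(node.module.split(".")[0])
        elif isinstance(node, ast.Call):
            func = node.func
            name = func.attr if isinstance(func, ast.Attribute) else getattr(func, "id", "")
            if name == "connect" and node.args:
                try:  # keep only hard-coded (literal) endpoints
                    endpoints.append(ast.literal_eval(node.args[0]))
                except (ValueError, TypeError):
                    pass
            elif name == "Thread":
                thread_targets += [kw.value.id for kw in node.keywords
                                   if kw.arg == "target" and isinstance(kw.value, ast.Name)]
    suspicious = bool(imports & GUI_MODULES) and SHELL_MODULES <= imports and bool(thread_targets)
    return {"suspicious": suspicious, "endpoints": endpoints, "thread_targets": thread_targets}
```

A hit from `scan` is a heuristic signal for review; the extracted `endpoints` give responders the hard-coded address and port to search for in network logs.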


The Attack, finally

Here comes the best part: the attack.

On the Attacker Machine

As shown previously, we will be using Netcat to bind a port and listen for incoming connections. In this case, we will use the well-known port 4444. This command will give you no output until the victim connects.


On the Target Machine

After having started the attack on the attacker’s machine, we can complete it on the victim machine.

Just export the code to the target machine and execute it. For the backdoor to work, make sure you entered the right IP address at line 10.

Once you execute the code on the victim computer, you’ll see a Kivy app saying “hello world” on the victim’s side, and you’ll see this on the attacker’s side:


So, we got a shell on the Victim computer using a Reverse Shell. Great!


InfoSec Write-ups

A collection of write-ups from the best hackers in the…

Tommaso De Ponti

Written by

A dev writing about how to do cool stuff with Python | Cybersecurity | AI | More Info: https://bit.ly/3cJT98c | Subscribe to Newsletter: https://bit.ly/3e1Ioy2
