Hello, In this post I will be demonstrating some principles of malware construction by creating a reverse shell with source code included. The program will be written in nim. Note: this code is proof of concept use at risk.
to start lets put some code here Now lets look at what this code is doing.
Firstly we define some some variables for connecting. Those are our desired IP address, and port, we also define a variable as a newsocket. Next we connect to the attacker. Next we have a while true statement that does two things. One it sends our shell and then waits to receive a command then executes that command. Now lets get into some persistence.
This code creates a regKey and a directory to store our program in. Though, you'll want to hide it better than this. So now we have a program that can take cmd commands from an attacker using some basic malware principles. In addition to this code you will want to take more care with obfuscation
Each import purpose is as fallows
to start lets put some code here Now lets look at what this code is doing.
Firstly we define some some variables for connecting. Those are our desired IP address, and port, we also define a variable as a newsocket. Next we connect to the attacker. Next we have a while true statement that does two things. One it sends our shell and then waits to receive a command then executes that command. Now lets get into some persistence.
This code creates a regKey and a directory to store our program in. Though, you'll want to hide it better than this. So now we have a program that can take cmd commands from an attacker using some basic malware principles. In addition to this code you will want to take more care with obfuscation
Each import purpose is as fallows
- net for connecting
- osproc for executing the cmd commands
- strformat for formating the strings we wanna execute
- winregistry for creating registry keys