Advanced Network Worm for Penetration Testing

⚠️ FOR PENETRATION TESTING, AUTHORIZED ACCESS, AND EDUCATIONAL PURPOSES ONLY

A feature-rich Python network worm for authorized penetration testing that demonstrates worm propagation techniques, lateral movement, and network spreading capabilities.

⚠️ SECURITY & LEGAL NOTICE

THIS TOOL IS FOR PENETRATION TESTING, AUTHORIZED ACCESS, AND EDUCATIONAL PURPOSES ONLY.

⚠️ IMPORTANT WARNINGS:

• AUTHORIZED USE ONLY: Only use on systems you own or have explicit written permission to test
• PENETRATION TESTING: Intended for authorized penetration testing and security research
• EDUCATIONAL PURPOSES: For learning about worm propagation, lateral movement, and network security
• LEGAL COMPLIANCE: Unauthorized use of network worms may be illegal in your jurisdiction
• RESPONSIBLE USE: Always comply with local laws and regulations
• ETHICAL USE: Use responsibly and ethically - respect privacy and obtain proper authorization

⚠️ DISCLAIMER:

By using this tool, you agree that:

• You have proper authorization to use this tool on the target systems
• You understand the legal implications of network worm propagation
• You will not use this tool for malicious purposes
• You accept full responsibility for your actions

The authors and contributors are not responsible for any misuse of this tool.

Features

• ✅ Multiple Spreading Methods: SSH, NFS, PsExec, WMI, RDP, SMB
• ✅ Network Scanning: Automatic network discovery using ARP or ping
• ✅ Multi-Threading: Parallel spreading to multiple targets
• ✅ Configurable: JSON-based configuration file
• ✅ Cross-Platform: Works on Linux, Windows, and macOS
• ✅ Payload Generation: Generates payloads for Python, Bash, and PowerShell
• ✅ Logging: Comprehensive logging to file and console
• ✅ Error Handling: Robust error handling and recovery
• ✅ Infection Tracking: Tracks infected hosts

Installation

Requirements

# Core dependencies
pip install scapy paramiko

# Windows-specific (for lateral movement)
pip install pywin32 WMI

Or install from requirements.txt:

pip install -r requirements.txt

Usage

Basic Usage

python3 worm.py

This will:

1. Execute payload on current system
2. Scan network (default: 192.168.1.0/24)
3. Attempt to spread to all found hosts

Custom IP Range

python3 worm.py --range 10.0.0.0/24

Custom Configuration

python3 worm.py --config my_config.json

Verbose Mode

python3 worm.py --verbose

Command-Line Options

Option	Short	Description	Default
--range	-r	IP range to scan	192.168.1.0/24
--config	-c	Configuration file	worm_config.json
--log	-l	Log file path	worm.log
--verbose	-v	Enable verbose logging	False

Spreading Methods

SSH Spreading

• Attempts SSH connections with common credentials
• Uploads worm code to /tmp/worm.py
• Executes worm remotely
• Verifies infection

NFS Spreading

• Checks for NFS exports
• Mounts NFS share
• Copies worm to shared directory
• Unmounts share

PsExec Lateral Movement (Windows)

• Uses PsExec for remote execution
• Executes PowerShell payload
• Requires Windows and PsExec

WMI Lateral Movement (Windows)

• Uses Windows Management Instrumentation
• Creates remote processes
• Executes payload via WMI

RDP Spreading (Windows)

• Stores RDP credentials
• Executes PowerShell payload via PsExec
• Uses encoded PowerShell commands

SMB Spreading (Windows)

• Uses SMB to copy files
• Uploads worm to remote system
• Requires SMB access

Configuration File

The worm uses a JSON configuration file (worm_config.json):

{
  "ssh": {
    "enabled": true,
    "usernames": ["root", "admin", "kali"],
    "passwords": ["12345", "1234", "password"],
    "port": 22
  },
  "nfs": {
    "enabled": true,
    "mount_point": "/mnt"
  },
  "psexec": {
    "enabled": true,
    "username": "admin",
    "password": "admin"
  },
  "wmi": {
    "enabled": true,
    "username": "admin",
    "password": "admin"
  },
  "rdp": {
    "enabled": true,
    "username": "admin",
    "password": "admin"
  },
  "smb": {
    "enabled": true,
    "username": "admin",
    "password": "admin"
  },
  "payload": {
    "file": "infected.txt",
    "message": "This system has been infected."
  },
  "network": {
    "scan_range": "192.168.1.0/24",
    "threads": 10
  }
}

Payload Types

The worm can generate payloads in multiple formats:

• Python: Cross-platform Python script
• Bash: Linux/Unix shell script
• PowerShell: Windows PowerShell script

Examples

Example 1: Basic Worm Execution

python3 worm.py
# Scans 192.168.1.0/24 and attempts all spreading methods

Example 2: Custom Network Range

python3 worm.py --range 10.10.10.0/24

Example 3: Custom Configuration

# Edit worm_config.json first
python3 worm.py --config my_config.json

Example 4: Verbose Logging

python3 worm.py --verbose

Improvements Over Original

1. Better Code Structure

   • Object-oriented design
   • Modular spreading methods
   • Configuration management

2. Enhanced Features

   • SMB spreading support
   • Multiple payload types
   • Infection tracking
   • Thread pool management

3. Better Error Handling

   • Comprehensive exception handling
   • Graceful degradation
   • Detailed logging

4. Cross-Platform Support

   • Works on Linux, Windows, macOS
   • Platform-specific feature detection
   • Fallback methods

5. Configuration System

   • JSON-based configuration
   • Easy customization
   • Default values

6. Security

   • Prominent pentest/authorized/educational disclaimer
   • Security warnings
   • Responsible use guidelines

Requirements

• Python 3.6+
• scapy (for network scanning)
• paramiko (for SSH spreading)
• pywin32 (Windows only, for lateral movement)
• WMI (Windows only, for WMI spreading)

Limitations

• Requires network access to target systems
• Needs valid credentials for spreading methods
• Some methods require specific tools (PsExec, smbclient)
• Windows methods only work on Windows

License

This project is provided as-is for educational and authorized testing purposes.

Author

Sergios9494

Contributing

Contributions, issues, and feature requests are welcome!