Why not have python run a shell command and use the command line version of 7zip to actual zip the files with a password?
On Sat, Jul 6, 2013 at 5:22 PM, Adrian Crenshaw <[email protected]>wrote: > Thank. Don't think the Python library let's be make zips with a password, > but I can pass protect the directory. > > Adrian > On Jul 6, 2013 5:34 PM, "allison nixon" <[email protected]> wrote: > >> i suggest you password protect the malware. i've seen people abuse sites >> like yours by pointing RFI attacks at the malware locations so people are >> attacked and blame the site owner. a zip file with the password 'infected' >> is the industry standard. >> >> A >> >> On Thu, Jul 4, 2013 at 11:00 AM, Adrian Crenshaw >> <[email protected]>wrote: >> >>> I'm prepping to give my Webshells talk again at OISF and TakeDownCon >>> Rocket City. I like to update things if I give a talk more than once, so I >>> enhanced my script to save an archived copy of the webshells in a zip file >>> so even if the infected host cleans it up (which they really should), it >>> can be examined later. Let me know if I did this in an insecure way to save >>> the files. >>> >>> http://www.irongeek.com/i.php?page=webshells-and-rfis >>> >>> One precaution I took was to limit the saving of webshells to about 1MB. >>> I'm also hoping malware/search engines don't start listing me as hosting >>> malware, which technically I am, but for teaching purposes. >>> -- >>> "The ability to quote is a serviceable substitute for wit." ~ W. >>> Somerset Maugham >>> "The ability to Google can be a serviceable substitute for technical >>> knowledge." ~ Adrian D. Crenshaw >>> >>> _______________________________________________ >>> Pauldotcom mailing list >>> [email protected] >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: http://pauldotcom.com >>> >> >> >> >> -- >> _________________________________ >> Note to self: Pillage BEFORE burning. >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
