I am playing around with a little netcat tool of my own, but I keep getting "Connection refused" and a reference to a specific line, I've highlighted that below.
First I run the server, with the following command: python Netstatx.py -l -p 9999 -c
Then I run the "client" which tries to make a connection to the server, which is listening on port 9999: python Netstatx.py -t localhost -p 9999
As mentioned, the above gives me an "Connected refused"-exception, how come?
import sys
import socket
import getopt
import threading
import subprocess
# Define globals
listen = False
command = False
upload = False
execute = ""
target = ""
upload_destination = ""
port = 0
def usage():
print "Netstatx - Net Tool for your convenience"
print
print "Usage: Netstatx.py -t target_host -p port"
print "-l --listen - Listen on [host]:[port] for
incoming connections"
print "-e --execute=file_to_run - Execute the given file upon
receiving a connection"
print "-c --command - Initialize a command shell"
print "-u --upload=destination - Upon receiving connection,
upload a file and write to
[destination]"
print
print
print "Examples: "
print "Netstatx.py -t 192.168.0.1 -p 5555 -l -c"
print "Netstatx.py -t 192.168.0.1 -p 5555 -l -u=\\target.exe"
print "Netstatx.py -t 192.168.0.1 -p 5555 -l -e=\"cat /etc/passwd\""
sys.exit(0)
def client_sender(buffer):
client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
print "%s:%s" % (target, port)
# Connect to our target host
**client.connect((target, port))** <-- This is failing.
if len(buffer):
client.send(buffer)
while True:
# Now wait for data back
recv_len = 1
response = ""
while recv_len:
data = client.recv(4096)
recv_len = len(data)
response += data
if recv_len < 4096:
break
print response,
# Wait for more input
buffer = raw_input("")
buffer += "\n"
# Send it off
client.send(buffer)
def server_loop():
global target
# If no target is defined, we listen on all interfaces
if not len(target):
target = "0.0.0.0"
server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
server.bind((target, port))
server.listen(5)
while True:
client_socket, addr = server.accept()
# Spin off a thread to handle our new client
client_thread = threading.Thread(target=client_handler,
args=(client_socket,))
client_thread.start()
def main():
global listen
global port
global execute
global command
global upload_destination
global target
if not len(sys.argv[1:]):
usage()
# Read the commandline options
try:
opts, args = getopt.getopt(sys.argv[1:], "hle:t:p:cu:",
["help","listen","execute","target","port","command",
"upload"])
except getopt.GetoptError as err:
print str(err)
usage()
for o,a in opts:
if o in ("-h", "--help"):
usage()
elif o in ("-l", "--listen"):
listen = True
elif o in ("-e", "--execute"):
execute = a
elif o in ("-c", "--commandshell"):
command = True
elif o in ("-u", "--upload"):
upload_destination = a
elif o in ("-t", "--target"):
target = a
elif o in ("-p", "--port"):
port = int(a)
else:
assert False, "Unhandled option!"
# Are we going to listen or just send data?
# if not listen and len(target) and port > 0
# Read in the buffer from the commandline
# this will block, so send CTRL-D if not sending input
# to stdin
buffer = sys.stdin.read()
# Send data off
client_sender(buffer)
# We are going to listen and potentially
# upload things, execute commands, and drop a shell back
# depending on our command line options above
if listen:
server_loop()
main()
def run_command(command):
# trim the newline
command = command.rstrip()
# Run the command and get the output back
try:
output = subprocess.check_output(command,
stderr=subprocess.STDOUT, shell=True)
except:
output = "Failed to execute command. \r\n"
# Send the output back to the client return output
return output
def client_handler(client_socket):
global upload
global execute
global command
# Check for upload
if len(upload_destination):
# Read on all of the bytes and write to our destination
file_buffer = ""
# Keep reading data until none is available
while True:
data = client_socket.recv(1024)
if not data:
break
else:
file_buffer += data
# Now we take these bytes and try to write them out
try:
file_descriptor = open(upload_destination, "wb")
file_descriptor.write(file_buffer)
file_descriptor.close()
# Acknowledge that we rote the file out
client_socket.send("Successfully saved file to %s\r\n" %
upload_destination)
except:
client_socket.send("Failed to save file to %s\r\n" %
upload_destination)
# Check for command execution
if len(execute):
# Run the command
output = run_command(execute)
client_socket.send(output)
# Now we go into another loop if a command shell was requested
if command:
while True:
# Show a simple prompt
client_socket.send("<Netstatx:#> ")
# Now we receive until we see a linefeed (enter key)
cmd_buffer = ""
while "\n" not in cmd_buffer:
cmd_buffer += client_socket.recv(1024)
# Send back the command output
response = run_command(cmd_buffer)
# Send back the response
client_socket.send(response)
import sys import socket import getopt import threading import subprocess #define some global variables listen = False command = False upload = False execute = "" target = "" upload_destination = "" port = 0 def usage(): print "Net Tool" print print "Usage : netcat.py -t target_host -p port" print "-l --listen -listen on [host]:[port] for incoming connections" print "-e --execute=file_to_run -execute the given file upon receiving a connection " print "-c --command -intialize a command shell" print "-u --upload=destination -upon receiving connection upload a file and write to [destination]" print print print "Examples : " print "netcat.py -t 192.168.0.1 -p 5555 -l -c" print "netcat.py -t 192.168.0.1 -p 5555 -l -u=c:\\\\target.exe" print "netcat.py -t 192.168.0.1 -p 5555 -l -e=\\"cat /etc/passwd\\"" print "echo 'ABCDEEGHI' | ./netcat.py -t 192.168.11.12 -p 135" sys.exit(0) def run_command(command): #trim the newline command= command.rstrip() #run the command get the output back try: output = subprocess.check_output(command, stderr=subprocess.STDOUT, shell=True) except: output = "Failed to execute command.\\r\\n" #send the output back to the client return output def client_handler(client_socket): global upload global execute global command #check for upload if len(upload_destination): #read in all of the bytes and write to our destination file_buffer= "" #keep reading data until none is available while True: data= client.socket.recv(1024) if not data: break else: file_buffer += data #now we take these bytes and try to write them out try: file_descriptor=open(upload_destination,"wb") file_descriptor.write(file_buffer) file_descriptor.close() #aknowledg that we wrote the file out client_socket.send("Successfully saved file to %s \\r\\n" % upload_destination) except: client_socket.send("Failed to save file to %s \\r\\n" % upload_destination) # check for command execution if len(execute): # run the command output = run_command(execute) client_socket.send(output) # now we go into another loop if a command shell was requested if command: while True: # show a simple prompt client_socket.send("<BHP:#> ") # now we receive until we see a linefeed (enter key) cmd_buffer = "" while "\\n" not in cmd_buffer: cmd_buffer += client_socket.recv(1024) # send back the command output response = run_command(cmd_buffer) # send back the response client_socket.send(response) def client_sender(buffer): client= socket.socket(socket.AF_INET, socket.SOCK_STREAM) try: #connect to our target host client.connect((target,port)) if len(buffer): client.send(buffer) while True: #now wait for data back recv_len=1 response="" while recv_len: data = client.recv(4096) recv_len= len(data) response+=data if recv_len<4096: break print response, #wait for more input buffer = raw_input("") buffer+= "\\n" # send it off client.send(buffer) except: print "[*] Exception! Exiting." client.close() def server_loop(): global target #if no target is defined , we listen on all interfaces if not len(target): target ="0.0.0.0" server = socket.socket(socket.AF_INET, socket.SOCK_STREAM) server.bind((target, port)) server.listen(5) while True: client_socket, addr = server.accept() #spin off a thread to handl our new client client_thread= threading.Thread(target=client_handler, args=(client_socket,)) client_thread.start() def main(): global listen global port global execute global command global upload_destination global target if not len(sys.argv[1:]): usage() #read the commandline options try: opts, args = getopt.getopt(sys.argv[1:],"hle:t:p:cu",["help","listen","execute","target","port","command","upload"]) except getopt.GetoptError as err: print str(err) usage() for o,a in opts: if o in ("-h", "--help"): usage() elif o in ("-l","--listen"): listen=True elif o in ("-e", "--execute"): execute =a elif o in ("-c", "--commandshell"): command= True elif o in ("-u", "--upload"): upload_destination = a elif o in ("-t", "--target"): target =a elif o in ("-p", "--port"): port=int(a) else : assert False, "unhandled option" # are we going to listen or just send data from stdin? if not listen and len(target) and port> 0 : #read in the buffer from the cmdline #this will block, so send CTRL-D if not sending input #to stdin buffer = sys.stdin.read() client_sender(buffer) #we are goin to listen and potentially #upload things, execute commands, and drop a shell back #depending on our command line options above if listen : server_loop() main()
I found some syntax errors running out your script ( it may be just from copy past), any way i did my small edits and it's working (knowing i'm under linux) Your problem may be the firewall is refusing connection on that port, try to check it out
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.