Well, I've recently moved back to Python after learning PHP/MySQL for a while, so as I learned I coded a small program to issue remote commands. It essentially opens a given socket and waits for a connection; when a connection is established it prompts the user for validation. If validation is successful it passes a shell (limited to /bin tools) which you can use to issue remote commands. It also adds an iptables firewall rule to accept all packets on the port you specified, which it then deletes when you exit the shell. All activity is logged to Logfile.log, including failed login attempts and their IP.
Things you can learn from this script:
User validation using hashlib and a SHA-512-hashed password
Command line arguments
Popen shell commands
Reading/Writing Files
Basic sockets
I wrote another small script to connect to the host, but in the end I decided to just use netcat instead. Example usage:
Host:
~$ python recon.py 1984
Client:
~$ nc -vv 19.84.20.11 1984
Script - http://pastebin.com/Mx600RA8
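The password check and failed-login logging described above, as an added example that is not the script from the pastebin link: it shows the SHA-512 comparison the post names next to a salted PBKDF2 variant that slows offline guessing if the stored value leaks. The function names, the round count, and the sample password and IP are assumptions made for this example.

```python
import hashlib
import hmac
import os
import time

PBKDF2_ROUNDS = 200_000  # assumed work factor for this example


def sha512_matches(supplied, stored_hex):
    """Scheme named in the post: SHA-512 of the input vs. a stored hex digest."""
    digest = hashlib.sha512(supplied.encode("utf-8")).hexdigest()
    # compare_digest does not leak, via timing, how many leading characters matched
    return hmac.compare_digest(digest, stored_hex)


def pbkdf2_enroll(password):
    """Hardened variant: random per-password salt plus a deliberately slow KDF."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return salt, key


def pbkdf2_matches(supplied, salt, stored_key):
    key = hashlib.pbkdf2_hmac("sha512", supplied.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(key, stored_key)


def login(supplied, peer_ip, salt, stored_key, logfile):
    """Validate one attempt and append the outcome, with the peer IP, to the log."""
    ok = pbkdf2_matches(supplied, salt, stored_key)
    stamp = time.strftime("%Y-%m-%d %H:%M:%S")
    outcome = "LOGIN OK" if ok else "LOGIN FAILED"
    # The supplied password is never logged: a near-miss typo would reveal the real one.
    with open(logfile, "a", encoding="utf-8") as fh:
        fh.write(f"{stamp} {outcome} from {peer_ip}\n")
    return ok


if __name__ == "__main__":
    salt, key = pbkdf2_enroll("correct horse")  # constructed sample password
    # 192.0.2.10 is a constructed documentation address standing in for the peer IP
    print(login("wrong guess", "192.0.2.10", salt, key, "Logfile.log"))
    print(login("correct horse", "192.0.2.10", salt, key, "Logfile.log"))
```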