菜鸟渗透日记38---python渗透测试编程之远程控制工具2
菜鸟渗透日记37---python渗透测试编程之远程控制工具
今天接着从上面的思路来讲解
目录
通过采用命令行的控制方式工具
直接开始对程序进行修改:
对服务端代码进行修改:
import socket
import subprocess
def run_command(command):
command=command.rstrip()
print (command)
try:
child = subprocess.check_output(command,shell=True)
print (child)
except:
child = 'Can not execute the commmand.\r\n'
return childs1 = socket.socket()
s1.bind(("127.0.0.1",1234))
s1.listen(5)
while 1:
conn,address = s1.accept()
print ("a new connect from ".address)
data = conn.recv(1024)
print ("The command is " + data)
while 1:
conn.send('<xy:#> ')
cmd_buffer = ''
while '\n' not in cmd_buffer:
cmd_buffer += conn.recv(1024)
response = run_command(cmd_buffer)
conn.send(response)conn.close()
对客户端代码修改:
import socket
s2 = socket.socket()
s2.connect(("127.0.0.1",1234))
while 1:
#wait the receive information
recv_len = 1
response = ''
while recv_len:
data = s2.recv(4096)
recv_len = len(data)
response += data
if recv_len < 4096 :
break
print(response, )
#wait more input
buffer = input("")
buffer += '\n\n'
#send it
s2.send(buffer)
最后简单讲一下将python脚本转为exe
介绍一下常用的py2exe
这个工具的作用就是将py文件转换成exe文件。注意环境需要在windows下运行。
运行的脚本内容起名为mysetup.py
from distutils.core import setup
import py2exe
setup(console="helloword.py")
运行方法,将我们的脚本文件和有转换需求py文件放在py安装目录下
首先,切换命令行到C:\Python2.7
然后执行命令 python mysetup.py py2exe
生成了一个dist的子目录运行OK后的结果