Python编写远程控制工具
服务端
客户端成功连接服务端后,会显示对方物理ip和内网ip
服务端也会显示客户端的物理ip和内网ip(可删除)
客户端可对服务端进行任意shell命令操作
exit断开连接
本人已将重要的服务封装为函数,便于移植
这是服务端
这是客户端
具体代码如下:
服务端
import socket
import subprocess
import re
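def reg_str(str1):
    """Recover the command text from the ``str()`` form of a bytes object.

    The caller turns a received ``bytes`` payload into its textual repr
    (e.g. ``"b'ls'"``) and this function pulls out what sits between the
    quotes.  Decoding the bytes directly would be the cleaner route; this
    keeps the original interface (str in, str out).

    Args:
        str1: the repr-style string, expected to look like ``b'<text>'``.

    Returns:
        The text between the quotes, or ``None`` when ``str1`` does not
        match -- for example an empty payload (``"b''"``), or a repr that
        uses double quotes because the payload itself contained ``'``.
        Returning ``None`` instead of hitting ``UnboundLocalError`` (the
        original's behaviour on no match) keeps the caller's loop alive
        on malformed input.
    """
    match = re.search(r"b'(.+)'", str1)
    if match is None:
        # Same diagnostic the original printed from its except: branch.
        print("[-] Unknown error (re_str)")
        return None
    # Greedy ``.+`` keeps everything up to the last quote, so quotes
    # embedded in the payload are preserved.
    return match.group(1)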
def run_command(command):
    """Run *command* through the system shell and return its stdout.

    The text is handed to ``subprocess.check_output(..., shell=True)``
    unchanged, so whatever string reaches this function is interpreted by
    the shell.  There is no allow-list and no authentication in front of
    this call; on the server it is reached with text read straight off the
    socket.

    Args:
        command: shell command line as a str.

    Returns:
        The command's stdout as ``bytes`` on success, or the plain ``str``
        ``'Can not execute the command'`` if anything at all goes wrong
        (non-zero exit status, bad argument type, missing shell ...).
        stderr is not captured; it goes to this process's own stderr.
    """
    try:
        output = subprocess.check_output(command, shell=True)
    except:  # noqa: E722 -- keeps the original catch-everything behaviour
        return 'Can not execute the command'
    return output
def get_ip():
    """Return the local IPv4 address the kernel would use for outbound traffic.

    A UDP socket is "connected" to an arbitrary non-local address; for UDP
    this only selects a route and source address, no datagram is sent.  The
    chosen source address is then read back with ``getsockname()``.

    Returns:
        The selected interface address as a str, or ``'127.0.0.1'`` when no
        route is available (e.g. the machine is offline).
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as probe:
        try:
            probe.connect(('10.255.255.255', 1))
            local_ip = probe.getsockname()[0]
        except Exception:
            local_ip = '127.0.0.1'
    return local_ip
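def get_ip2():
    """Return the IPv4 address that the local hostname resolves to.

    This goes through the resolver (hosts file / DNS), so on some machines
    it yields loopback or a different interface than ``get_ip()``.

    Returns:
        The resolved address as a str, or ``'127.0.0.1'`` when the hostname
        cannot be resolved.  The original fell through to an unbound
        ``host`` (``UnboundLocalError``) on that path; the fallback mirrors
        ``get_ip()`` so callers that concatenate the result keep working.
    """
    try:
        host_name = socket.gethostname()
        host = socket.gethostbyname(host_name)
    except OSError:  # socket.gaierror is an OSError subclass
        print("[-] Get errer")
        host = '127.0.0.1'
    return host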
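def accept_command(connecting, byte):
    """Read one chunk of at most *byte* bytes from the socket.

    This is a single ``recv`` on a TCP stream: it returns whatever has
    arrived so far, which may be less than one logical message or, for a
    large reply, only its first part.  Callers that need whole messages
    have to frame them themselves.

    Args:
        connecting: a connected socket.
        byte: maximum number of bytes to read.

    Returns:
        The received ``bytes`` (``b''`` once the peer has closed its side),
        or ``None`` if the read raised an ``OSError`` -- the original hit
        ``UnboundLocalError`` on that path because ``data`` was never bound.
    """
    try:
        return connecting.recv(byte)
    except OSError:
        print("[-] Unknown error (accept_command)")
        return None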
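def send_command(connecting, str2):
    """Send a str (UTF-8 encoded) or bytes payload over the socket.

    Uses ``sendall`` rather than ``send``: on a TCP socket ``send`` may
    write only part of the buffer and return the count, which the original
    discarded, so a long payload could have been silently truncated.

    Args:
        connecting: a connected socket.
        str2: ``bytes`` are sent as-is; anything else is passed to
            ``bytes(str2, encoding='utf-8')`` first, so it must be a str.

    Errors are reported on stdout and swallowed, as before; nothing is
    returned either way.
    """
    try:
        payload = str2 if isinstance(str2, bytes) else bytes(str2, encoding='utf-8')
        connecting.sendall(payload)
    except (OSError, TypeError):
        print("[-] Unknown error (send_command)")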
# --- server entry point ---------------------------------------------------
# Binds on the address get_ip() picked and waits for a peer on TCP 4476.
host = get_ip()
s1 = socket.socket()
s1.bind((host, 4476))
print("[+] A new server from " + host + ":4476")
s1.listen(5)
# NOTE: despite the name, this is the server's own hostname-resolved and
# route-selected address pair; it is only echoed back inside the prompt.
client_ip = get_ip2() + "(" + get_ip() + ")"
while 1:
    # One peer at a time; accept() blocks until someone connects.  There is
    # no authentication step: whoever reaches this port gets run_command().
    # From a monitoring standpoint this is a Python process listening on
    # TCP/4476 whose child processes are shells.
    conn, address = s1.accept()
    # The first message is taken on trust as the peer's self-reported
    # address string; `address` (the real source of the connection) is
    # never used or logged.
    ip = accept_command(conn, 65535)
    print("[+] A new connect from %s " % ip)
    send_command(conn, "[+] Connection successful")
    while 1:
        send_command(conn, "shell(" + str(client_ip) + "):4476>>>")
        # A single recv() wrapped in str(), giving "b'...'"; reg_str()
        # strips that repr back to text.
        cmd_buffer = str(accept_command(conn, 65535))
        cmd_buffer_reg = reg_str(cmd_buffer)
        print("[*] The command is %s" % cmd_buffer_reg)
        # Executed via the shell verbatim; the reply is raw stdout bytes
        # (or the fixed error string from run_command).
        response = run_command(cmd_buffer_reg)
        send_command(conn, response)
        # 'exit' is itself run as a shell command above before the loop
        # ends.  Only 'exit' ends this loop: a peer that disconnects
        # without it makes recv() return b'' repeatedly, which nothing here
        # handles, so the server never gets back to accept().
        if cmd_buffer_reg == 'exit':
            break
    send_command(conn, "[+] connection close")
    conn.close()
客户端
import socket
def get_ip():
    """Return the local IPv4 address used for outbound traffic.

    Connecting a UDP socket to a non-local address makes the kernel pick a
    route and a source address without transmitting anything; that source
    address is what ``getsockname()`` reports back.

    Returns:
        The selected address as a str, or ``'127.0.0.1'`` if the connect
        or lookup fails (no route available).
    """
    def _route_source(sock):
        sock.connect(('10.255.255.255', 1))
        return sock.getsockname()[0]

    probe = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        return _route_source(probe)
    except Exception:
        return '127.0.0.1'
    finally:
        probe.close()
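def get_ip2():
    """Return the IPv4 address the local hostname resolves to.

    Resolution goes through the hosts file / DNS, so the result can differ
    from the route-based ``get_ip()`` (and may be loopback).

    Returns:
        The resolved address as a str, or ``'127.0.0.1'`` if resolution
        fails.  The original printed its message and then raised
        ``UnboundLocalError`` on ``return host``; the fallback matches
        ``get_ip()`` so string concatenation in the callers still works.
    """
    try:
        host_name = socket.gethostname()
        host = socket.gethostbyname(host_name)
    except OSError:  # covers socket.gaierror
        print("[-] Get errer")
        host = '127.0.0.1'
    return host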
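def accept_command(connecting, byte):
    """Receive up to *byte* bytes from the socket in one ``recv`` call.

    TCP does not preserve message boundaries: a long reply from the server
    may arrive across several calls, and the leftover then shows up in the
    next read.

    Args:
        connecting: a connected socket.
        byte: maximum number of bytes to read.

    Returns:
        The received ``bytes`` (``b''`` when the server closed the
        connection), or ``None`` if ``recv`` raised an ``OSError``.  The
        original left ``data`` unbound in that case and raised
        ``UnboundLocalError`` from ``return data``.
    """
    try:
        return connecting.recv(byte)
    except OSError:
        print("[-] Unknown error (accept_command)")
        return None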
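def send_command(connecting, str2):
    """Send *str2* over the socket, UTF-8 encoding it first if it is a str.

    ``sendall`` replaces the original ``send``: ``send`` may deliver only a
    prefix of the buffer on a TCP socket and the returned count was never
    checked, so part of a message could be lost silently.

    Args:
        connecting: a connected socket.
        str2: ``bytes`` are sent unchanged; any other value is passed to
            ``bytes(str2, encoding='utf-8')`` and therefore must be a str.

    Failures (socket errors, non-str/bytes input) are printed and
    swallowed, as in the original; there is no return value.
    """
    try:
        payload = str2 if isinstance(str2, bytes) else bytes(str2, encoding='utf-8')
        connecting.sendall(payload)
    except (OSError, TypeError):
        print("[-] Unknown error (send_command)")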
# --- client entry point ---------------------------------------------------
# The server address is hard-coded; it must match where the server bound.
s2 = socket.socket()
s2.connect(("192.168.1.108", 4476))
# Announce our own address pair first; the server prints it without
# checking it against the real connection source.
ip = get_ip2() + "(" + get_ip() + ")"
send_command(s2, ip)
while 1:
    # The "[+] Connection successful" banner.  This outer loop only ever
    # runs once, because the inner loop below has no break.
    status = accept_command(s2, 65535)
    print("%s \n" % status)
    while 1:
        # Prompt text from the server.  `shell` is bytes, so input() shows
        # it as its repr (b'...') rather than as plain text.
        shell = accept_command(s2, 65535)
        cmd = input(shell)
        send_command(s2, cmd)
        # Single recv(): a long reply may arrive in pieces, and the rest of
        # it is then consumed as the next "prompt".
        result = accept_command(s2, 65535)
        # Decoded as GBK, presumably for shell output from a Chinese-locale
        # Windows host -- confirm.  The server's own status strings are sent
        # UTF-8 encoded, so non-ASCII text in those would raise
        # UnicodeDecodeError here.
        print(result.decode("gbk"))