Python编写远程控制工具

Python编写远程控制工具

服务端
客户端成功连接服务端后,会显示对方的物理ip和内网ip

服务端也会显示客户端的物理ip和内网ip(可删除)
客户端可对服务端进行任意shell命令操作(服务端不做身份认证,通信为明文TCP,因此任何能连接到4476端口的主机都可以执行命令)
exit断开连接
本人已将重要的服务封装为函数,便于移植
这是服务端
这是客户端



具体代码如下:

服务端

import socket
import subprocess
import re

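def reg_str(str1):
    """Extract the payload from the ``str()`` form of a bytes object.

    The server converts received bytes with ``str()``, which yields text
    such as ``b'ls -la'`` (or ``b"..."`` when the payload itself contains a
    single quote).  This helper strips that wrapper and returns the inner
    text.

    Args:
        str1: Text produced by ``str(some_bytes)``.

    Returns:
        The text between the quotes, or ``""`` when ``str1`` does not look
        like a bytes repr (for example ``b''`` after the peer disconnected).

    Note:
        Backslash escape sequences inside the repr are returned as written,
        not decoded; decoding the received bytes directly would avoid that.
    """
    try:
        # Accept both quoting styles repr() can choose and require the
        # closing quote to match the opening one.
        match = re.search(r"b(['\"])(.+)\1", str1)
    except TypeError:
        # Non-text input: treat it the same as "no match".
        match = None
    if match is None:
        # The original printed this message and then returned an unbound
        # local, which crashed the caller with UnboundLocalError.
        print("[-] Unknown error (re_str)")
        return ""
    return match.group(2)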


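def run_command(command):
    """Run ``command`` through the system shell and return its output.

    Args:
        command: Command line handed to the shell unchanged.

    Returns:
        The command's standard output as ``bytes``, or the ``str``
        ``'Can not execute the command'`` when the command cannot be run or
        exits with a non-zero status.
    """
    # NOTE(security): in this script ``command`` is whatever arrived on the
    # socket, and ``shell=True`` hands it to the shell verbatim.  Nothing in
    # this file authenticates or restricts the sender, so every peer that
    # can reach the listener gets command execution as the server's user.
    try:
        return subprocess.check_output(command, shell=True)
    except Exception:
        # Narrower than the original bare ``except`` so that Ctrl-C
        # (KeyboardInterrupt) and SystemExit still stop the server.
        return 'Can not execute the command'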


def get_ip():
    """Return the local IPv4 address the OS would use for outbound traffic.

    A UDP socket is "connected" to 10.255.255.255 only so that the OS picks
    a source interface; connecting a datagram socket transmits nothing.

    Returns:
        The selected source address as a string, or ``'127.0.0.1'`` when
        the lookup fails.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as probe:
        try:
            probe.connect(('10.255.255.255', 1))
            local_addr = probe.getsockname()[0]
        except Exception:
            local_addr = '127.0.0.1'
    return local_addr


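def get_ip2():
    """Return the address that this machine's host name resolves to.

    Returns:
        The IPv4 address string from ``socket.gethostbyname`` for the local
        host name, or ``'127.0.0.1'`` when the lookup fails.
    """
    try:
        return socket.gethostbyname(socket.gethostname())
    except Exception:
        # The original printed this message and then returned an unbound
        # local (UnboundLocalError).  Callers concatenate the result into a
        # string, so return a usable fallback instead.
        print("[-] Get errer")
        return '127.0.0.1'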


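def accept_command(connecting, byte):
    """Receive up to ``byte`` bytes from the socket ``connecting``.

    Args:
        connecting: A connected socket object.
        byte: Maximum number of bytes to read in this call.

    Returns:
        The bytes received.  ``b''`` means the peer closed the connection
        or the receive failed, so callers can treat both as "stop".
    """
    # NOTE: TCP is a byte stream; one recv() is not guaranteed to return
    # exactly one message from the peer.
    try:
        return connecting.recv(byte)
    except Exception:
        # The original printed this message and then returned an unbound
        # local, turning any socket error into UnboundLocalError.
        print("[-] Unknown error (accept_command)")
        return b''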


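def send_command(connecting, str2):
    """Send ``str2`` over the socket ``connecting``, best effort.

    Args:
        connecting: A connected socket object.
        str2: Payload to send; ``bytes`` are sent as they are, anything
            else is encoded as UTF-8 text first.

    Returns:
        None.  Failures are reported on stdout and not raised.
    """
    try:
        payload = str2 if isinstance(str2, bytes) else bytes(str2, encoding='utf-8')
        # sendall() keeps writing until the whole payload is out; a plain
        # send() may transmit only part of a large command output.
        connecting.sendall(payload)
    except Exception:
        # Deliberately best effort, as in the original, but no longer a
        # bare ``except`` that would also swallow KeyboardInterrupt.
        print("[-] Unknown error (send_command)")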


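# NOTE(security): the listener is bound to the machine's LAN address, speaks
# plain TCP and performs no authentication, and every received command is
# executed by run_command().  Any host that can reach port 4476 therefore
# gets a shell as this process's user.  Real use needs an authenticated,
# encrypted transport in front of it (e.g. SSH or mutually authenticated
# TLS), or at minimum a loopback-only bind plus host firewalling.
host = get_ip()
s1 = socket.socket()
s1.bind((host, 4476))
print("[+] A new server from " + host + ":4476")
s1.listen(5)
# Despite the name, this is the server's own host-name address and LAN
# address; it is only used to build the prompt sent to the client.
client_ip = get_ip2() + "(" + get_ip() + ")"
while 1:
    conn, address = s1.accept()
    try:
        # The first message is an address string reported by the client
        # itself; the value from accept() is the one the OS observed.
        ip = accept_command(conn, 65535)
        print("[+] A new connect from %s " % ip)
        print("[+] Peer address (from accept): %s:%s" % address)
        send_command(conn, "[+] Connection successful")
        while 1:
            send_command(conn, "shell(" + str(client_ip) + "):4476>>>")
            raw = accept_command(conn, 65535)
            if not raw:
                # b'' means the peer disconnected.  The original passed
                # str(b'') to reg_str(), which crashed the whole server.
                break
            cmd_buffer_reg = reg_str(str(raw))
            print("[*] The command is %s" % cmd_buffer_reg)
            if cmd_buffer_reg == 'exit':
                # Checked before execution so "exit" is not also run
                # through the shell.
                break
            response = run_command(cmd_buffer_reg)
            # NOTE: the protocol has no framing; a command with empty output
            # sends zero bytes and the client cannot tell that apart from
            # "still waiting".
            send_command(conn, response)
        send_command(conn, "[+] connection close")
    finally:
        # Release the connection even if a helper raises.
        conn.close()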

客户端

import socket


def get_ip():
    """Return the local IPv4 address the OS would use for outbound traffic.

    A UDP socket is "connected" to 10.255.255.255 only so that the OS picks
    a source interface; connecting a datagram socket transmits nothing.

    Returns:
        The selected source address as a string, or ``'127.0.0.1'`` when
        the lookup fails.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as probe:
        try:
            probe.connect(('10.255.255.255', 1))
            local_addr = probe.getsockname()[0]
        except Exception:
            local_addr = '127.0.0.1'
    return local_addr


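def get_ip2():
    """Return the address that this machine's host name resolves to.

    Returns:
        The IPv4 address string from ``socket.gethostbyname`` for the local
        host name, or ``'127.0.0.1'`` when the lookup fails.
    """
    try:
        return socket.gethostbyname(socket.gethostname())
    except Exception:
        # The original printed this message and then returned an unbound
        # local (UnboundLocalError).  Callers concatenate the result into a
        # string, so return a usable fallback instead.
        print("[-] Get errer")
        return '127.0.0.1'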


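def accept_command(connecting, byte):
    """Receive up to ``byte`` bytes from the socket ``connecting``.

    Args:
        connecting: A connected socket object.
        byte: Maximum number of bytes to read in this call.

    Returns:
        The bytes received.  ``b''`` means the peer closed the connection
        or the receive failed, so callers can treat both as "stop".
    """
    # NOTE: TCP is a byte stream; one recv() is not guaranteed to return
    # exactly one message from the peer.
    try:
        return connecting.recv(byte)
    except Exception:
        # The original printed this message and then returned an unbound
        # local, turning any socket error into UnboundLocalError.
        print("[-] Unknown error (accept_command)")
        return b''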


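def send_command(connecting, str2):
    """Send ``str2`` over the socket ``connecting``, best effort.

    Args:
        connecting: A connected socket object.
        str2: Payload to send; ``bytes`` are sent as they are, anything
            else is encoded as UTF-8 text first.

    Returns:
        None.  Failures are reported on stdout and not raised.
    """
    try:
        payload = str2 if isinstance(str2, bytes) else bytes(str2, encoding='utf-8')
        # sendall() keeps writing until the whole payload is out; a plain
        # send() may transmit only part of a large payload.
        connecting.sendall(payload)
    except Exception:
        # Deliberately best effort, as in the original, but no longer a
        # bare ``except`` that would also swallow KeyboardInterrupt.
        print("[-] Unknown error (send_command)")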


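# NOTE(security): the connection is plain TCP to a hard-coded address; the
# server's identity is not verified and commands and output travel in clear
# text, so anyone on the network path can read or alter them.
s2 = socket.socket()
s2.connect(("192.168.1.108", 4476))
ip = get_ip2() + "(" + get_ip() + ")"
# The server only prints this self-reported address string.
send_command(s2, ip)
try:
    # NOTE: the protocol has no framing; each recv() below is assumed to
    # return exactly one server message.
    status = accept_command(s2, 65535)
    print("%s \n" % status.decode("utf-8", errors="replace"))
    while 1:
        shell = accept_command(s2, 65535)
        if not shell:
            # b'' means the server closed the connection.  The original
            # looped forever here, prompting with an empty bytes repr.
            break
        # Decode the prompt so it is shown as text rather than as b'...'.
        cmd = input(shell.decode("utf-8", errors="replace"))
        send_command(s2, cmd)
        result = accept_command(s2, 65535)
        if not result:
            break
        # Command output is decoded as GBK as in the original;
        # errors="replace" keeps other encodings from raising
        # UnicodeDecodeError.
        print(result.decode("gbk", errors="replace"))
finally:
    s2.close()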


Origin blog.csdn.net/qq_19623861/article/details/118571281