#!/usr/bin/python2
import sys
import socket
import getopt
import thread
import subprocess
listen =False
command =False
upload =False
execute =""
target =""
upload_destination =""
port =0
def usage():
print("hello netcat!")
sys.exit(0)
# 作为客户端使用,接受与发送信息
def client_sender():
buffer=""
client=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
try:
client.connect((target,port))
while True:
recv_len =1
response =""
while recv_len:
data=client.recv(4096)
recv_len=len(data)
response+=data
if recv_len < 4096:
break
if "#" in response:
print(response),
buffer = raw_input("")
buffer += "
"
client.send(buffer)
else:
print(response)
except:
print("connection failed!")
client.close()
#作为服务器端使用
def server_loop():
global target
if not len(target):
target="0.0.0.0"
server=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
server.bind((target,port))
server.listen(5)
print("listening!!!!!")
while True:
try:
client_socket,addr=server.accept()
print("accepting!!!!")
#创建一个新线程处理连接到本服务器的客户端
thread.start_new_thread(client_handler,(client_socket,))
except:
print("thread fail")
break
#将客户端传来的信息转换为命令执行,并输出执行结果到output
def run_command(command):
command=command.rstrip()
try:
output=subprocess.check_output(command,stderr=subprocess.STDOUT,shell=True)
except:
output="failed to execute command.
"
return output
#处理连接到本服务器的客户端
def client_handler(client_socket):
global upload
global execute
global command
print("goto handler")
#如果客户端传来要上传文件的路径
if len(upload_destination):
file_buffer = ""
while True:
data = client_socket.recv(1024)
if not data:
break
else:
file_buffer+=data
try:
#写入传来的文件
file_descriptor=open(upload_destination,"wb")
file_descriptor.write(file_buffer)
file_descriptor.close()
client_socket.send("successfully saved")
except:
client_socket.send("failed to save")
#执行一条传来的命令
if len(execute):
output=run_command(execute)
client_socket.send(output)
#交互式执行传来的命令,shell面板
if command:
while True:
client_socket.send("<netcat: #> ")
cmd_buffer=""
while "
" not in cmd_buffer:
cmd_buffer+=client_socket.recv(1024)
response=run_command(cmd_buffer)
client_socket.send(response)
def main():
global listen
global port
global execute
global command
global upload_destination
global target
global opts
if not len(sys.argv[1:]):
usage()
try:
opts,args=getopt.getopt(sys.argv[1:],"hle:t:p:cu",["help","listen","execute","target","port","command","upload"])
except:
usage()
for o,a in opts:
if o in ("-h","--help"):
usage()
elif o in ("-l","--listen"):
listen=True
elif o in ("-e","--execute"):
execute=a
elif o in ("-c","--commandshell"):
command=True
elif o in ("-u","--upload"):
upload_destination=a
elif o in ("-t","--target"):
target=a
elif o in ("-p","--port"):
port=int(a)
if not listen and len(target) and port>0:
client_sender()
if listen:
server_loop()
main()
client客户端:
client_sender() 发送接受信息
server服务器:
server_loop函数监听并调用新线程执行 client_handler()函数
client_handler()函数中
1.upload_destination client文件传输到server
2.command 包括run_command()函数,将client传来的信息变为命令执行并将其结果保存在output
server发送output到client