Git-Mirrors/sec-pentesting-toolkit
1
0
Fork 0
mirror of https://github.com/autistic-symposium/sec-pentesting-toolkit.git synced 2025-08-06 13:44:14 -04:00
Code Issues Projects Releases Packages Wiki Activity

paramiko readme typos, reverse ssh tunneling script

Browse source
This commit is contained in:
Mari Wahl 2014-12-17 18:16:52 -05:00
parent 2802913b9c
commit b65ef8b730
2 changed files with 174 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

14
Network_and_802.11/paramiko/README.md
View file

@ -2,7 +2,7 @@
**Paramiko** is awesome!!! It uses my dear [PyCrypto](https://www.dlitz.net/software/pycrypto/) to give us access to the [SSH2 protocol](http://en.wikipedia.org/wiki/SSH2), and it has a flexible and easy to use API.
You are going to see it with your own eyes: in this post we will write code for SSH clients and servers, reverse shells and tunnel connections, and it will be smooth and fun.
You are going to see it with your own eyes: in this post we will see code for SSH clients and servers, reverse shells, and tunnel connections, and it will be smooth and fun!
Shall we start?
@ -178,10 +178,10 @@ class Server(paramiko.ServerInterface):
Now, let's take a look at the **main** function, which does the following:
1. Creates a socket object to bind the host and port, so it can listen for incoming connections.
2. Once a connection is established (the client tried to connect to the server and the socket accepted the connection), it creates a **paramiko** Transport object for this socket.
2. Once a connection is established (the client tried to connect to the server and the socket accepted the connection), it creates a **paramiko** Transport object for this socket (in paramiko there are two main communication methods: *transport*, which makes and maintains the encrypted connection, and *channel*, which is like a sock for sending/receiving data over the encrypted session).-
3. The program instantiates a **Server** object and starts the paramiko session with it.
4. Authentication is attempted.
4. Once the authentication is successful, the server starts a loop where it will keep getting input commands from the user and issuing it in the client. This is our reversed shell!
4. Authentication is attempted. If it is successful, we get a **ClientConnected** message.
5. The server starts a loop where it will keep getting input commands from the user and issuing it in the client. This is our reversed shell!
```python
import paramiko
@ -361,12 +361,12 @@ Enter command:
**Awesomesauce!**
Ah, by the way, all these scripts work not only in Linux but in Windows and Mac as well (so next time you are in a lame Windows machine, no need to install [Putty](http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html) anymore =p ).
-----
---
## Further References:
- [Paramikos reverse SSH tunneling](https://github.com/paramiko/paramiko/blob/master/demos/rforward.py).
- [Black Hat Python](http://www.nostarch.com/blackhatpython).
- [My Gray hat repo](https://github.com/bt3gl/My-Gray-Hacker-Resources).