python - Meterpreter Handler/listener -

-

i'm cybersecurity students, i'm not cracker, scriptkiddy or this, i'm working on python meterpreter's listener, found normal tcp reverse handler, working cmd reverse tpc (metasploit), no working meterpreter reverse tpc (metasploit)... know why? thanks.

#!/usr/bin/python # import python modules socket import * host = ''                 # '' means bind interfaces port = 4444                #  port  # create our socket handler s = socket(af_inet, sock_stream) # set when cancel out can reuse port s.setsockopt(sol_socket, so_reuseaddr, 1) # bind interface s.bind((host, port)) # print accepting connections print "listening on 0.0.0.0:%s" % str(port) # listen 10 connection s.listen(10) # accept connections conn, addr = s.accept() # print connected ipaddress print 'connected by', addr # receive initial connection data = conn.recv(1024) # start loop while 1:      # enter shell command      command = raw_input("enter shell command or quit: ")      # send shell command      conn.send(command)      # if specify quit break out of loop , close socket      if command == "quit": break      # receive output linux command      data = conn.recv(1024)      # print output of linux command      print data # close socket conn.close()

this won't work meterpreter because meterpreter's transport's support custom protocol. in order "listener" work meterpreter, have implement protocol.

it's documented these days. can start reading on on metasploit github repo's wiki. information on process meterpreter goes through running, check out 44con talk (shameless plug), covers tlv packets well. you'll need support multiple transports, including ssl-wrapped tcp.

once you've got tlv stuff working, you'll need implement commands meterpreter supports. doesn't include single-shot commands (such getsystem or ls), you'll have support stuff channels.

i won't lie, you're in lot of work. making functional meterpreter listener isn't easy job, , there's quite bit more expect. fact there's no python implementation out there sign.

best of luck!


Comments

Post a Comment

Popular posts from this blog

c - How to retrieve a variable from the Apache configuration inside the module? -

-
i'm building custom apache module. how retrieve variable apache configuration inside module? see variable "some_var_config_from_apache_or_htaacess" inside apache module: /* source: http://people.apache.org/~humbedooh/mods/examples/mod_example_1.c */ /* include required headers httpd */ #include "httpd.h" #include "http_core.h" #include "http_protocol.h" #include "http_request.h" static void register_hooks(apr_pool_t *pool); static int example_handler(request_rec *r); /* define our module entity , assign function registering hooks */ module ap_module_declare_data example_module = { standard20_module_stuff, null, // per-directory configuration handler null, // merge handler per-directory configurations null, // per-server configuration handler null, // merge handler per-server configurations null, // directives may have httpd register_hoo
Read more

c# - Constructor arguments cannot be passed for interface mocks -

-
when debug code , read line mocklessonplannerafactory creation error: constructor arguments cannot passed interface mocks. var mockschoolclasscodeservice = new mock<ischoolclasscodeservice>(); var mockdateservice = new mock<idateservice>(); var mocklessonplannerafactory = new mock<ilessonplannerafactory>(mockdateservice.object); var mocklessonplannerbfactory = new mock<ilessonplannerbfactory>(mockdateservice.object); var service = new timetableservice(mockunitofwork.object, mocklessonplannerafactory.object, mocklessonplannerbfactory.object, mockschoolclasscodeservice.object); my timetableservice accepts instances of interface type only. mocklessonplannerafactory , bfactory... want in constructor idateservice passed. what wrong code? the clue in error message "constructor arguments cannot passed interface mocks." the mock created interface have default constructor because interfaces don't have constructor. remember mockin
Read more

python - malformed header from script index.py Bad header -

-
i want run python code in apache2(ubuntu 14.04) server. have followed these steps , getting error: step 1: configuration 1: have created directory , file under /var/www/cgi-bin configuration 2 : have edited /etc/apache2/sites-available/000-default.conf alias /cgi-bin /var/www/cgi-bin <directory "/var/www/cgi-bin"> options indexes followsymlinks execcgi addhandler cgi-script .cgi .py allow </directory> <directory /var/www/cgi-bin> options </directory> step 2: and python script is: index.py #!/usr/bin/env python import cgi; import cgitb;cgitb.enable() print "content-type: text/plain\n" print "<b>hello python</b>" step 3: when ran through chrome browser using: url : http://localhost/cgi-bin/index.py step 4: i getting error in error-log malformed header script 'index.py': bad header: hello python you should end header \r\n, must print out yet \r\n signal body coming. (i
Read more