PyShell Trojan back door

In the process of penetration testing, there is often a situation in which a shell of the target server is obtained, and further penetration of the intranet is required. However, for various reasons, it is impossible to remotely log in to the server, and intranet penetration is often difficult to carry out. Difficult, I developed a targeted backdoor program, the function is a bit similar to NC (Swiss Army Knife), but not limited to the function of NC, here to share the respect of NC.

Instructions

1
[HELP] python PyShell.py [-listen(-slave)] [ip] [port]

Function parameter

1
2
3
4
[HELP] exit ---- exit the connection
[HELP] kill ---- exit the connection and self-destruct the program
[HELP] playtask ---- create a scheduled task
[HELP] python -p file.py ---- Execute local python script on broiler

Actual demonstration

Environmental Preparation

The IP address of this machine is: 10.0.3.119
A virtual machine is installed on the machine. The IP address is 192.168.67.130.

The machine acts as the target server (attacked), and the virtual machine acts as the attacker (attack side)

Running Trojans

First run the PyShell program on the virtual machine and listen for an unused port, such as: 2222

Then run the PyShell program on this machine and connect to this port of the virtual machine.

As you can see, a shell bounced off on the virtual machine.

Query the IP address in the virtual machine shell, which is the 10 network segment of the machine.

Execute commands in the virtual machine shell to enable the machine to execute python scripts for intranet port scanning.

Tip: The python script is not passed to the machine, but is passed to the PyShell file through the packet form. The data traffic is encrypted by hex + base64, which can bypass the firewall.

Create a scheduled task

Native view results

Advantages and disadvantages

  • The program encrypts the data transmitted to each other to bypass the firewall.

  • When you need to execute a python script on a broiler, you don’t need to upload the corresponding script file on the broiler. Just encrypt the local script content to the broiler and execute it.

  • After the program finishes executing the command, it cannot display the result from time to time. That is to say, the python script will return to the output after it has finished running, and needs to be improved.

Tools Download

PyShell Trojan Back Download Address

本文标题:PyShell Trojan back door

文章作者:nmask

发布时间:2016年09月05日 - 00:09

最后更新:2019年08月16日 - 15:08

原始链接:https://thief.one/2016/09/05/PyShell - Trojan back door/

许可协议: 署名-非商业性使用-禁止演绎 4.0 国际 转载请保留原文链接及作者。

nmask wechat
欢迎您扫一扫上面的微信公众号,订阅我的博客!
坚持原创技术分享,您的支持将鼓励我继续创作!

热门文章推荐: