I wrote a Python-based trojan client program. Its purpose is to get past protection devices so that sensitive data can be shuttled through the network. Because of my limited programming ability, the client was written in Python and the server side in PHP. That was barely usable, and the lack of a JSP server side made it very limited. Fortunately, the expert [caomei](https://github.com/8caomei) helped implement the JSP side of the code, and with the two combined it is easy to use.
I have prepared two target machines here, one with a PHP runtime environment and one with a JSP runtime environment, to simulate real web servers.
For convenience, I have placed the server-side trojan program in each server's website directory:
- PHP website trojan address: http://10.0.3.13/test/p.php
- JSP website trojan address: http://192.168.10.149:8080/Test/1.jsp
At this point, run the PyCmd.py program:
The program will automatically determine the type of website entered.
- -h: view help information
- -u: website trojan address
- -p: trojan shell password
- --proxy: enable local proxy (for debugging)
Note: When local debugging is enabled, you need to run the Fiddler program or other capture software.
The strength of the PyCmd program is that it encrypts incoming and outgoing data, which bypasses the firewall's inspection of the data content.
When a cmd command is executed, Fiddler captures the following data:
Scanning the uploaded server-side trojan file with D Shield shows it as a normal file, so it successfully evades detection.
PyCmd [download address](https://github.com/tengzhangchao/PyCmd)