A small backdoor in Flask, or how to control a computer on the local network

Hello, Habr!

Recently I watched a downloaded recording of the programming stream "How to create your own web application in Flask." And I decided to consolidate my knowledge in some project. For a long time I didn't know what to write, and then the idea came to me: "Why not make a mini-backdoor in Flask?"

The first options for implementing the backdoor and its capabilities immediately appeared in my head. But I decided to make a list of the backdoor's capabilities right away:

  1. Be able to open websites
  2. Have a command line
  3. Be able to open programs, photos, videos

So, the first point is extremely easy to implement with the webbrowser module. I decided to implement the second point with the os module. The third also goes through the os module, but I will use "links" (more on that later).

Writing the server

So, *drumroll*, the entire server code:

from flask import Flask, request
import webbrowser
import os
import re

app = Flask(__name__)


@app.route('/mycomp', methods=['POST'])
def hell():
    # Every request body is JSON of the form {'command': ..., 'data': ...}
    json_string = request.json
    if json_string['command'] == 'test':
        return 'The server is running and waiting for commands...'
    if json_string['command'] == 'openweb':
        webbrowser.open(url='https://www.'+json_string['data'], new=0)
        return 'Site opening ' + json_string['data'] + '...'
    if json_string['command'] == 'shell':
        # The received string is passed to the system shell as-is
        os.system(json_string['data'])
        return 'Command execution ' + json_string['data'] + '...'
    if json_string['command'] == 'link':
        # 'data' is the 1-based number of a line in links.txt
        with open('links.txt', 'r') as links:
            for i in range(int(json_string['data'])):
                link = links.readline().strip()
        os.system(link.split('>')[0])
        return 'Launch ' + link.split('>')[1]
    # Any other command: answer instead of falling through with no response
    return 'Unknown command', 400


if __name__ == '__main__':
    # Listens on all interfaces, default Flask port 5000
    app.run(host='0.0.0.0')

I've dumped all the code, now it's time to explain what it does.

All the code runs on the local computer on port 5000. To interact with the server, we have to send a JSON POST request.

JSON request structure:

{'command': 'somecommand', 'data': 'somedata'}

Well, it makes sense that 'command' is the command we want to execute, and 'data' is the command's arguments.

You can compose and send JSON requests to the server manually (the requests library will help you). Or you can write a console client.

Writing the client

Code:

import requests

logo = ['\n\n',
        '******      ********',
        '*******     *********',
        '**    **    **     **',
        '**    **    **     **      Written on Python',
        '*******     **     **',
        '********    **     **',
        '**     **   **     **      Author: ROBOTD4',
        '**     **   **     **',
        '**     **   **     **',
        '********    *********',
        '*******     ********',
        '\n\n']

iport = '192.168.1.2:5000'
host = 'http://' + iport + '/mycomp'


def send(command, data):
    # POST one {'command': ..., 'data': ...} request and print the server's reply
    r = requests.post(host, json={'command': command, 'data': data})
    if r.status_code == 200:
        print(r.content.decode('utf-8'))


def test():
    send('test', 0)


def start():
    for i in logo:
        print(i)


start()
test()

while True:
    command = input('>')
    a = command.split()
    if not a:
        continue
    if command == 'test':
        test()
    if a[0] == 'shell':
        # Everything after 'shell' is the command line to run
        send('shell', ' '.join(a[1:]))
    if a[0] == 'link':
        if len(a) > 1:
            send('link', int(a[1]))
        else:
            # "The command has no arguments!"
            print('Комманда не содержит аргументов!')
    if a[0] == 'openweb':
        if len(a) > 1:
            send('openweb', a[1])
        else:
            # "The command has no arguments!"
            print('Комманда не содержит аргументов!')
    if a[0] == 'set':
        if len(a) > 2 and a[1] == 'host':
            # Point the client at a new server IP (the port stays 5000)
            iport = a[2] + ':5000'
            host = 'http://' + iport + '/mycomp'
    if command == 'quit':
        break

Explanation:

First of all, the requests module is imported (to interact with the server). Below it are the definitions of the start and test functions. And then comes the loop in which the magic happens. Have you read the code? Then you understand the meaning of the magic in the loop: enter a command and it is executed.

shell - commands for the command line (the logic is off the charts)
test - check whether the server (the backdoor) is running
link - use a "shortcut"
openweb - open a website
quit - exit the client
set - set the IP of your computer on the local network

And now more about link.

There is a file links.txt next to the server. It contains links (full paths) to files (videos, photos, programs).

The format is as follows:

full_path>description
full_path>description

The result

We have a backdoor server for controlling a computer on a local network (within a Wi-Fi network). Technically, we can run the client from any device that has a Python interpreter.

P.S. I added the set command so that if the computer is assigned a different IP on the local network, it can be changed directly in the client.
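
The server above listens on 0.0.0.0 and hands request data to os.system without checking who sent it, so any host that can reach port 5000 can run commands as the user running the server. As an added example (not the author's code), here is the same {'command', 'data'} handling in hardened form: an HMAC tag over the body authenticates the sender, shell is refused, and the openweb and link arguments are validated before anything is opened. The shared key, the sign and handle helpers, the returned action tuples and the sample links are assumptions made for this illustration.

```python
import hashlib
import hmac
import json
import re

# Constructed sample of links.txt content in the page's "full_path>description" format.
SAMPLE_LINKS = "C:\\Media\\film.mp4>Holiday video\nC:\\Media\\cat.jpg>Cat photo\n"
HOSTNAME = re.compile(r"(?!-)[a-z0-9-]{1,63}(\.[a-z0-9-]{1,63})+")


def sign(body: bytes, key: bytes) -> str:
    """HMAC-SHA256 tag the client sends with the body (hypothetical header value)."""
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def parse_links(text: str) -> list:
    """Split each 'full_path>description' line once, skipping malformed lines."""
    pairs = (line.split(">", 1) for line in text.splitlines() if ">" in line)
    return [(path.strip(), desc.strip()) for path, desc in pairs]


def handle(body: bytes, tag: str, key: bytes, links_text: str = SAMPLE_LINKS):
    """Return (http_status, action); the action is data for the caller, nothing runs here."""
    if not hmac.compare_digest(sign(body, key).encode(), tag.encode()):
        return 401, None                      # sender does not hold the shared key
    try:
        msg = json.loads(body)
        command, data = msg["command"], msg["data"]
    except (ValueError, KeyError, TypeError):
        return 400, None                      # not the {'command', 'data'} structure
    if command == "test":
        return 200, ("status", "running")
    if command == "openweb" and isinstance(data, str) and HOSTNAME.fullmatch(data):
        return 200, ("open_url", "https://www." + data)
    if command == "link" and isinstance(data, int) and not isinstance(data, bool):
        links = parse_links(links_text)
        if 1 <= data <= len(links):           # link numbers are 1-based, as in the server
            return 200, ("open_file", links[data - 1][0])
        return 404, None
    return 403, None                          # 'shell', unknown commands, bad arguments
```

The caller would open the returned URL or file with an argument list (for example subprocess.run with shell=False) rather than os.system, and bind the listener to a specific interface instead of 0.0.0.0.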

Source: www.hab.com