Idiki backdoor paFlask kana maitiro ekudzora komputa pane yemuno network

Hei Habr!

Nguva pfupi yadarika ndakatarisa vhezheni yakadhindwa yechirongwa cherukova "Maitiro ekugadzira yako webhu application muFlask." Uye ndakafunga kubatanidza ruzivo rwangu mune chimwe chirongwa. Kwenguva refu ndakanga ndisingazive zvekunyora uye zano rakauya kwandiri: "Wadii kugadzira mini-backdoor muFlask?"

Sarudzo dzekutanga dzekushandisa uye kugona kweiyo backdoor pakarepo yakaonekwa mumusoro mangu. Asi ini ndakafunga kuita nekukurumidza runyorwa rwekumashure kugona:

  1. Ziva nzira yekuvhura mawebhusaiti
  2. Iva neraini rekuraira kuwana
  3. Kugona kuvhura zvirongwa, mafoto, mavhidhiyo

Saka, poindi yekutanga iri nyore kwazvo kushandisa uchishandisa webbrowser module. Ndakafunga kuita iyo yechipiri poindi ndichishandisa os module. Uye yechitatu iri zvakare kuburikidza neos module, asi ini ndichashandisa "zvinongedzo" (zvimwe pane izvo gare gare).

Kunyora server

Saka, *drumroll* yese server kodhi:

from flask import Flask, request
import webbrowser
import os
import re

app = Flask(__name__)
@app.route('/mycomp', methods=['POST'])
def hell():
    json_string = request.json
    if json_string['command'] == 'test':
        return 'The server is running and waiting for commands...'
    if json_string['command'] == 'openweb':
        webbrowser.open(url='https://www.'+json_string['data'], new=0)
        return 'Site opening ' + json_string['data'] + '...'
    if json_string['command'] == 'shell':
        os.system(json_string['data'])
        return 'Command execution ' + json_string['data'] + '...'
    if json_string['command'] == 'link':
        links = open('links.txt', 'r')
        for i in range(int(json_string['data'])):
            link = links.readline()
        os.system(link.split('>')[0])
        return 'Launch ' + link.split('>')[1]
if __name__ == '__main__':
    app.run(host='0.0.0.0')

Ndatorasa kodhi yese, yave nguva yekutsanangura kukosha kwayo.

Kodhi yese inoshanda pakombuta yemuno pachiteshi 5000. Kuti ushande ne server Tinofanira kutumira chikumbiro cheJSON POST.

JSON chikumbiro chimiro:

{‘command’:  ‘comecommand’, ‘data’: ‘somedata’}

Zvakanaka, zvine musoro kuti 'kuraira' ndiwo murairo watinoda kuita. Uye 'data' ndiyo nharo dzemirairo.

Iwe unogona kunyora uye kutumira zvikumbiro zveJSON kuti zvibatane nevhavha pamaoko (zvikumbiro zvichakubatsira iwe). Kana iwe unogona kunyora console mutengi.

Kunyora mutengi

Code:

import requests

logo = ['nn',
        '******      ********',
        '*******     *********',
        '**    **    **     **',
        '**    **    **     **      Written on Python',
        '*******     **     **',
        '********    **     **',
        '**     **   **     **      Author: ROBOTD4',
        '**     **   **     **',
        '**     **   **     **',
        '********    *********',
        '*******     ********',
        'nn']

p = ''
iport = '192.168.1.2:5000'
host = 'http://' + iport + '/mycomp'

def test():
    dict = {'command': 'test', 'data': 0}
    r = requests.post(host, json=dict)
    if r.status_code == 200:
        print (r.content.decode('utf-8'))

def start():
    for i in logo:
        print(i)

start()
test()

while True:
    command = input('>')
    if command == '':
        continue
    a = command.split()
    if command == 'test':
        dict = {'command': 'test', 'data': 0}
        r = requests.post(host, json=dict)
        if r.status_code == 200:
            print (r.content.decode('utf-8'))
    if a[0] == 'shell':
        for i in range(1, len(a)):
            p = p + a[i] + ' '
        dict = {'command': 'shell', 'data': p}
        r = requests.post(host, json=dict)
        if r.status_code == 200:
            print (r.content.decode('utf-8'))
        p = ''
    if a[0] == 'link':
        if len(a) > 1:
            dict = {'command': 'link', 'data': int(a[1])}
            r = requests.post(host, json=dict)
            if r.status_code == 200:
                print (r.content.decode('utf-8'))
        else:
            print('Комманда не содержит аргументов!')
    if a[0] == 'openweb':
            if len(a) > 1:
                dict = {'command': 'openweb', 'data': a[1]}
                r = requests.post(host, json=dict)
                if r.status_code == 200:
                    print (r.content.decode('utf-8'))
            else:
                print('Комманда не содержит аргументов!')
    if a[0] == 'set':
        if a[1] == 'host':
            ip = a[2] + ':5000'
    if command == 'quit':
        break

Tsananguro:

Chekutanga pane zvese, iyo module yekukumbira inotengeswa kunze kwenyika (yekudyidzana neseva). Pazasi pane tsananguro dzekutanga uye bvunzo mabasa. Uye ipapo kutenderera uko mashiripiti anoitika. Wakaverenga kodhi here? Saka iwe unonzwisisa zvinorehwa nemashiripiti anoitika mukutenderera. Pinda murairo - inoitwa. Shell - inoraira mutsara wekuraira (iyo logic iri pachiyero).

Edza - tarisa kana sevha iri kushanda (backdoor)
Link - kushandiswa kwe "shortcut"
Openweb - kuvhura webhusaiti
Rega - buda mutengi
Seta - kuseta iyo ip yekombuta yako pane yemuno network

Uye zvino zvakawanda nezve link.

Pane link.txt faira padivi pesevha. Iyo ine zvinongedzo (izere nzira) kune mafaera (mavhidhiyo, mafoto, zvirongwa).

Chimiro chakafanana neichi:

полный_путь>описание
полный_путь>описание

Mugumisiro

Isu tine sevha yekuseri yekudzora komputa pane network yemuno (mukati meiyo wi-fi network). Nehunyanzvi, isu tinogona kumhanya mutengi kubva kune chero mudziyo une muturikiri wepython.

PS Ndakawedzera murairo wakaiswa kuitira kuti kana komputa pane network yemuno yakapihwa imwe IP yakasiyana, inogona kuchinjwa yakananga mutengi.

Source: www.habr.com

Tenga inovimbika yekutambira kwemasaiti ane DDoS dziviriro, VPS VDS maseva 🔥 Tenga webhusaiti yakavimbika ine dziviriro yeDDoS, maseva eVPS VDS | ProHoster