A small backdoor in Flask, or how to control a computer on the local network

Hey Habr!

Recently I watched a downloaded recording of the programming stream "How to create your own web application in Flask". I decided to consolidate my knowledge in some project. For a long time I didn't know what to write, and then an idea came to me: "Why not make a mini-backdoor in Flask?"

The first ideas for the implementation and the capabilities of the backdoor came to mind immediately. But I decided to write down a list of the backdoor's capabilities right away:

  1. Be able to open websites
  2. Have access to the command line
  3. Be able to open programs, photos, videos

So, the first item is very easy to implement using the webbrowser module. I decided to implement the second item using the os module. The third also goes through the os module, but I will use "links" (more on that later).

Writing the server

So, *drumroll* all of the server code:

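from flask import Flask, request
import webbrowser
import os

app = Flask(__name__)


# Single endpoint: every command arrives as a JSON POST body.
# There is no authentication, and 'shell' passes data straight to os.system.
@app.route('/mycomp', methods=['POST'])
def hell():
    json_string = request.json
    if json_string['command'] == 'test':
        return 'The server is running and waiting for commands...'
    if json_string['command'] == 'openweb':
        # Open https://www.<data> in the default browser.
        webbrowser.open(url='https://www.' + json_string['data'], new=0)
        return 'Site opening ' + json_string['data'] + '...'
    if json_string['command'] == 'shell':
        # Run data as a command line on the machine hosting the server.
        os.system(json_string['data'])
        return 'Command execution ' + json_string['data'] + '...'
    if json_string['command'] == 'link':
        # Read the N-th line of links.txt (format: full_path>description).
        with open('links.txt', 'r') as links:
            for i in range(int(json_string['data'])):
                link = links.readline().rstrip('\n')
        os.system(link.split('>')[0])
        return 'Launch ' + link.split('>')[1]
    # A Flask view must not return None, so unknown commands get an answer too.
    return 'Unknown command', 400


if __name__ == '__main__':
    # host='0.0.0.0' listens on every network interface (port 5000 by default).
    app.run(host='0.0.0.0')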

Now that I have dumped all the code, it is time to explain what it does.

All the code runs on the local computer on port 5000. To interact with the server, we have to send a JSON POST request.

Structure of the JSON request:

{"command": "somecommand", "data": "somedata"}

Logically, 'command' is the command we want to execute, and 'data' holds the command's arguments.
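Added example (not code from the original article): the server above acts on whatever JSON reaches port 5000, so this sketch authenticates and validates each request body before it would be dispatched. The shared secret, the HMAC signature carried alongside the body, the allowlist that leaves out `shell`, and the `MAX_LINK_INDEX` bound are all assumptions of the example.

```python
import hashlib
import hmac
import json
import re

# Assumed policy for this example: 'shell' is deliberately not on the allowlist.
ALLOWED = {"test", "openweb", "link"}
HOSTNAME = re.compile(r"([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}")
MAX_LINK_INDEX = 100  # assumed upper bound on the number of lines in links.txt


def sign(body: bytes, secret: bytes) -> str:
    """HMAC-SHA256 of the raw request body, hex encoded (computed by the client)."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def validate(body: bytes, signature: str, secret: bytes):
    """Return (True, request_dict) or (False, reason) for one POST body to /mycomp."""
    # 1. Authenticate before parsing anything; compare in constant time.
    expected = sign(body, secret).encode()
    if not hmac.compare_digest(expected, (signature or "").encode()):
        return False, "bad signature"
    # 2. Parse strictly: a JSON object with exactly the two documented keys.
    try:
        req = json.loads(body)
    except ValueError:
        return False, "not JSON"
    if not isinstance(req, dict) or set(req) != {"command", "data"}:
        return False, "unexpected shape"
    command, data = req["command"], req["data"]
    # 3. Allowlist the command, then check its argument by type and format.
    if command not in ALLOWED:
        return False, "command not allowed"
    if command == "openweb" and not (
            isinstance(data, str) and len(data) <= 253 and HOSTNAME.fullmatch(data)):
        return False, "data is not a bare hostname"
    if command == "link" and not (type(data) is int and 1 <= data <= MAX_LINK_INDEX):
        return False, "data is not a valid line number"
    return True, req


if __name__ == "__main__":
    secret = b"constructed-demo-secret"  # constructed sample value
    for body in (b'{"command": "openweb", "data": "habr.com"}',
                 b'{"command": "shell", "data": "dir"}'):
        print(body, "->", validate(body, sign(body, secret), secret))
```

In a Flask view the raw bytes would come from `request.get_data()`, so the signature is checked over exactly what was sent.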

You can compose and send the JSON requests to the server by hand (the requests module will help you). Or you can write a console client.

Writing the client

Code:

import requests

logo = ['\n\n',
        '******      ********',
        '*******     *********',
        '**    **    **     **',
        '**    **    **     **      Written on Python',
        '*******     **     **',
        '********    **     **',
        '**     **   **     **      Author: ROBOTD4',
        '**     **   **     **',
        '**     **   **     **',
        '********    *********',
        '*******     ********',
        '\n\n']

iport = '192.168.1.2:5000'
host = 'http://' + iport + '/mycomp'


def send(command, data):
    # POST one {'command': ..., 'data': ...} request and print the server's reply.
    r = requests.post(host, json={'command': command, 'data': data})
    if r.status_code == 200:
        print(r.content.decode('utf-8'))


def test():
    # Check that the server is up.
    send('test', 0)


def start():
    # Print the banner.
    for i in logo:
        print(i)


start()
test()

while True:
    command = input('>')
    a = command.split()
    if not a:
        # Empty or whitespace-only input: ask again.
        continue
    if command == 'test':
        test()
    if a[0] == 'shell':
        # Everything after 'shell' is sent as one command line.
        send('shell', ' '.join(a[1:]))
    if a[0] == 'link':
        if len(a) > 1:
            send('link', int(a[1]))
        else:
            print('Комманда не содержит аргументов!')  # "The command has no arguments!"
    if a[0] == 'openweb':
        if len(a) > 1:
            send('openweb', a[1])
        else:
            print('Комманда не содержит аргументов!')  # "The command has no arguments!"
    if a[0] == 'set':
        if len(a) > 2 and a[1] == 'host':
            # Point the client at a new server address; the port stays 5000.
            iport = a[2] + ':5000'
            host = 'http://' + iport + '/mycomp'
    if command == 'quit':
        break

Explanations:

First of all, the requests module is imported (to interact with the server). Below that are the definitions of the start and test functions. Then comes the loop in which the magic happens. Have you read the code? Then you understand what the magic in the loop is: enter a command, and it gets executed.

Shell - commands for the command line (the logic is off the charts)
Test - check whether the server (the backdoor) is running
Link - use of a "shortcut"
Openweb - opening a website
Quit - exit the client
Set - set the IP of your computer on the local network

And now more about link.

There is a links.txt file next to the server. It contains links (full paths) to files (videos, photos, programs).

The structure is as follows:

full_path>description
full_path>description

Result

We have a backdoor server for controlling a computer on the local network (within a Wi-Fi network). Technically, we can run the client on any device that has a Python interpreter.

P.S. I added the set command so that if the computer is assigned a different IP on the local network, it can be changed directly in the client.

Source: www.habr.com
