Wednesday, July 13, 2011

Simple Python reverse shell

Some days ago, Rel1k published a post explaining that he decided to include a small Python backdoor in SET.

I gave it a try but I found some problems when executing the script in Linux.

  • The 'quit' command should let the backdoor close the connection and finish its execution, but it was not working. The string 'quit\n' is received and the backdoor sends it to the shell instead of quitting.
  • When Control+C is pressed, the netcat listener finishes the execution and this leaves the backdoor hanging in an infinite loop, consuming lots of resources (while(True){} without any sleep).

I have made a few changes in the script to solve the problems I found and it also connects back again in case we have pressed Control+C by mistake, so we do not lose our shell :)


The modified version can be found here: python_reverse_shell.py



 
