This series of tutorials is aimed to share the notes taken while I was learning python for cybersecurity with the book - Black Hat Python.
這系列教學文章為學習筆記+延伸資源,旨在分享學習書籍 Black Hat Python時所思所學,也希望能幫助想了解Python和資安的大大們入門。
This tutorial has also been written in English in Medium.
Let's get started! 開始吧!
這個方法是用來表現上傳檔案、執行指令或創建一個有互動性的使用者介面(interactive user interface.)。
def handle(self, client_socket):
if self.args.execute:
output = execute(self.args.execute)
client_socket.send(output.encode())
elif self.args.upload:
file_buffer = b''
while True:
data = client_socket.recv(4096)
if data:
file_buffer += data
print(len(file_buffer))
else:
break
with open(self.args.upload, 'wb') as f:
f.write(file_buffer)
message = f'Saved file {self.args.upload}'
client_socket.send(message.encode())
elif self.args.command:
cmd_buffer = b''
while True:
try:
client_socket.send(b' #> ')
while '\n' not in cmd_buffer.decode():
cmd_buffer += client_socket.recv(64)
response = execute(cmd_buffer.decode())
if response:
client_socket.send(response.encode())
cmd_buffer = b''
except Exception as e:
print(f'server killed {e}')
self.socket.close()
sys.exit()
If 一個指令應該被執行,方法handle 傳送(pass)了指令到執行的函式,並傳送(send) output結果回到socket
elif self.args.upload:
file_buffer = b''
while True:
data = client_socket.recv(4096)
if data:
file_buffer += data
print(len(file_buffer))
else:
break
設定一個迴圈:
elif self.args.command:
cmd_buffer = b''
while True:
try:
client_socket.send(b' #> ')
while '\n' not in cmd_buffer.decode():
cmd_buffer += client_socket.recv(64)
response = execute(cmd_buffer.decode())
if response:
client_socket.send(response.encode())
cmd_buffer = b''
except Exception as e:
print(f'server killed {e}')
self.socket.close()
sys.exit()
python netcat.py -t 127.0.0.1 -p 1234 -l -c
打開Root Terminal Emulator
nc 127.0.0.1 1234
現在能輕易辦到許多事了...
You can use this program on the listener side and use netcat itself on the sender side. Hopefully, you have seen how powerful it is.
你能使用這個程式在聆聽端,或使用netcat再傳送端。希望這系列能讓你認識到它的強大之處。
Reference參考資料
推薦影片
絕讚! Youtube 教學影片 | Elevate Cyber
原始碼
Github - Python For Cybersecurity | Monles