
python_netcat

2016-02-05 11:49 489 查看
getopt的使用说明:getopt模块的使用说明

try语句的使用说明:try语句的使用说明

唯一目的:短平快!!

语言:python

模块:socket,sys,getopt,threading,subprocess

#coding=utf-8
import sys
import socket
import getopt
import threading
import subprocess

# Runtime options. main() overwrites these from the command line and the
# other functions read them as module-level globals.
listen = False             # True: run as a listener instead of a client
command = False            # True: give each connected peer a command loop
upload = False             # not read for any decision in the visible code
execute = ""               # command line run once per accepted connection
target = ""                # host to connect to, or address to bind when listening
upload_destination = ""    # local path that received bytes are written to
port = 0                   # TCP port; main() only starts the client when > 0

#下面是语法说明

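def usage():
    """Print the command-line help text and exit with status 0.

    Never returns: the function always ends in ``sys.exit(0)``.

    The help text is corrected here: the ``-e`` line uses ``--execute=``,
    truncated descriptions are completed, and the examples pass option
    values as ``-u PATH`` / ``-e CMD``. With getopt, ``-u=PATH`` would make
    the leading ``=`` part of the value.
    """
    # Single-argument print(...) is valid both as a Python 2 print statement
    # (which the rest of this file uses) and as the Python 3 function.
    help_lines = [
        "bhp net tool",
        "",
        "usage:netcat.py                -t target_host -p port",
        "-l --listen                    -listen on port",
        "-e --execute=file_to_run       -execute the given file upon receiving a connection",
        "-c --command                   -initialize the command shell",
        "-u --upload=destination        -receiving connection upload a file and write to destination",
        "",
        "",
        "examples:",
        "netcat.py -t 192.168.0.1 -p 5555 -l -c",
        "netcat.py -t 192.168.0.1 -p 5555 -l -u c:\\target.exe",
        "netcat.py -t 192.168.0.1 -p 5555 -l -e \"cat /etc/passwd\"",
        "echo 'wfafsasdgasd' | ./netcat.py -t 192.168.11.12 -p 135",
    ]
    for line in help_lines:
        print(line)
    sys.exit(0)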

#下面是信息发送部分
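def client_sender(buffer):
    """Connect to (target, port), send *buffer*, then relay stdin and replies.

    Reads the module-level ``target`` and ``port``. After the initial send,
    the function alternates between printing what the peer returns and
    sending one line typed on stdin, until the peer closes the connection,
    stdin reaches EOF, the user interrupts, or a socket error occurs.

    Traffic is sent as-is over plain TCP; nothing here authenticates the
    peer or protects the data in transit.

    Args:
        buffer: data read from stdin before connecting; skipped when empty.
    """
    client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        client.connect((target, port))
        # Forward whatever was piped in on stdin before going interactive.
        if buffer:
            client.send(buffer)
        while True:
            # Collect one reply: keep reading until a short read signals
            # that the peer has nothing more queued right now.
            chunks = []
            peer_closed = False
            while True:
                data = client.recv(4096)
                if not data:
                    # A zero-length read means the peer closed the
                    # connection; prompting for more input would only fail
                    # on the next send.
                    peer_closed = True
                    break
                chunks.append(data)
                if len(data) < 4096:
                    break
            sys.stdout.write("".join(chunks))
            sys.stdout.flush()
            if peer_closed:
                break
            # Wait for the next line of input and send it newline-terminated.
            buffer = raw_input("")
            buffer += "\n"
            client.send(buffer)
    except (socket.error, EOFError, KeyboardInterrupt):
        # Network failure, end of stdin, or Ctrl-C. Anything else is a
        # programming error and is left to surface with a traceback.
        print("[*] exception! exiting")
    finally:
        # Close on every exit path, not only after an exception.
        client.close()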

#下面的部分将启用监听功能
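def server_loop():
    """Listen on (target, port) and serve each connection in its own thread.

    Reads the module-level ``target`` and ``port``. Every accepted socket is
    passed to ``client_handler`` on a new thread. The accept loop has no exit
    condition of its own; it ends only through an exception such as a bind
    failure or a keyboard interrupt.

    NOTE(security): when no target was given, the socket binds to 0.0.0.0,
    i.e. every interface of the host. Nothing in this function authenticates
    or encrypts, so whatever ``client_handler`` offers is available to any
    peer that can reach the port. Passing ``-t 127.0.0.1`` (or another
    specific address) and restricting the port with a host firewall limits
    who can connect.
    """
    global target
    if not target:
        target = "0.0.0.0"
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        server.bind((target, port))
        server.listen(5)
        while True:
            client_socket, _peer_addr = server.accept()
            worker = threading.Thread(target=client_handler, args=(client_socket,))
            worker.start()
    finally:
        # Release the listening socket when bind fails or the loop is
        # interrupted, instead of leaving it to interpreter shutdown.
        server.close()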
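def run_command(command):
    """Run *command* through the system shell and return its output.

    Trailing whitespace (including the newline that terminates a line read
    from a socket) is stripped first. stderr is merged into stdout.

    NOTE(security): ``shell=True`` hands the whole string to the shell. In
    this file the string comes from the ``-e`` option or directly from a
    network peer (see client_handler), so the caller decides who is allowed
    to execute commands; this function performs no filtering.

    Args:
        command: the command line to execute.

    Returns:
        The combined stdout/stderr of the command, or the fixed string
        ``"failed to execute command.\\r\\n"`` when the command exits non-zero
        or cannot be started.
    """
    command = command.rstrip()
    try:
        output = subprocess.check_output(
            command, stderr=subprocess.STDOUT, shell=True
        )
    except Exception:
        # Deliberately broad: a malformed command string must not take down
        # the handler thread. Unlike a bare ``except:``, this lets
        # KeyboardInterrupt and SystemExit propagate.
        output = "failed to execute command.\r\n"
    return output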

#下面是文件的上传、命令执行、和shell相关的功能
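def client_handler(client_socket):
    """Serve one accepted connection according to the module-level options.

    Up to three stages run in order, each only if its option is set:

    1. ``upload_destination``: read from the peer until it closes its
       sending side, then write the bytes to that local path and report
       the result to the peer.
    2. ``execute``: run that command once and send its output.
    3. ``command``: loop, sending a prompt, reading one newline-terminated
       line and sending back the output of running it.

    NOTE(security): no stage authenticates the peer and nothing is
    encrypted. In stage 3 every line received is passed to ``run_command``,
    which runs it through the shell with the privileges of this process. In
    stage 1 the amount of data buffered in memory is bounded only by what
    the peer sends.

    Args:
        client_socket: the connected socket returned by ``accept()``.
    """
    try:
        if upload_destination:
            # The whole upload is held in memory before it is written;
            # collecting chunks and joining once avoids repeated string
            # copying, but the size is still unbounded.
            chunks = []
            while True:
                data = client_socket.recv(1024)
                if not data:
                    break
                chunks.append(data)

            try:
                # ``with`` closes the file even when write() raises.
                with open(upload_destination, "wb") as out_file:
                    out_file.write("".join(chunks))
                client_socket.send("sucessful saved file to %s" % upload_destination)
            except (IOError, OSError):
                client_socket.send("failed")

        if execute:
            client_socket.send(run_command(execute))

        if command:
            while True:
                client_socket.send("<bhp:#>")

                cmd_buffer = ""
                while "\n" not in cmd_buffer:
                    data = client_socket.recv(1024)
                    if not data:
                        # Zero-length read: the peer disconnected. Without
                        # this check the loop would spin forever appending
                        # empty strings and pin a CPU core per dead session.
                        return
                    cmd_buffer += data

                client_socket.send(run_command(cmd_buffer))
    finally:
        # Always release the connection when the handler thread finishes.
        client_socket.close()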

#下面是主函数
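def main():
    """Parse the command line into the module-level options and start the tool.

    With no arguments, or on a parse error, the help text is printed and the
    process exits via ``usage()``. Otherwise the function runs the client
    (when not listening and both target and port are set) and/or the
    listener (when ``-l`` was given).

    Option-spec fixes compared with the original:
      * ``-u`` and the long options ``--execute``, ``--target``, ``--port``
        and ``--upload`` now accept a value. Without the trailing ``:`` /
        ``=`` getopt treated them as flags, so ``upload_destination`` could
        never be set.
      * the long form of ``-c`` is matched as ``--command``, the name that
        is actually registered; ``--commandshell`` could never be returned
        by getopt.
    """
    global listen
    global port
    global execute
    global command
    global upload_destination
    global target

    if not sys.argv[1:]:
        usage()

    try:
        opts, args = getopt.getopt(
            sys.argv[1:],
            "hle:t:p:cu:",
            ["help", "listen", "execute=", "target=", "port=", "command", "upload="],
        )
    except getopt.GetoptError as err:
        print(str(err))
        usage()

    for o, a in opts:
        if o in ("-h", "--help"):
            usage()
        elif o in ("-l", "--listen"):
            listen = True
        elif o in ("-e", "--execute"):
            execute = a
        elif o in ("-c", "--command"):
            command = True
        elif o in ("-u", "--upload"):
            upload_destination = a
        elif o in ("-t", "--target"):
            target = a
        elif o in ("-p", "--port"):
            try:
                port = int(a)
            except ValueError:
                # Report a non-numeric port instead of dying with a traceback.
                print("invalid port: %s" % a)
                usage()
        else:
            assert False, "Unhandled Option"

    # Client mode: read everything from stdin first. read() blocks until
    # EOF (Ctrl-D on a terminal), then the data is sent to the target.
    if not listen and target and port > 0:
        buffer = sys.stdin.read()
        client_sender(buffer)

    # Listener mode: bind and serve connections until interrupted.
    if listen:
        server_loop()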

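# Run only when executed as a script, so importing this module (for example
# to inspect or test a single function) does not parse argv or open sockets.
if __name__ == "__main__":
    main()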


由于在主函数里面使用了 buffer=sys.stdin.read() 读取数据,而 read() 会一直阻塞,直到标准输入结束(EOF),

所以在输入了 python python_netcat.py -t xxxx -p xx 之后,要使用 ctrl+d 发送 EOF,数据才会被发送出去。注意:不是回车,是 ctrl+d !!!


