Introduction:

Netcat is the Swiss army knife of TCP/IP: a utility for opening network connections that is commonly integrated into a wide range of apps. Because of its adaptability and high performance, it exists on several operating systems as a command-line tool for checking the status of ports (as in scanning for open ports) and for sending source-routed packets, which allows file transfer, creating proxy servers or even asynchronous messaging.

However, because this flexibility also lends itself to malicious use, sharp systems administrators choose to remove it from their systems, making it harder for attackers to push files or set up a listener that allows command-line access to a target’s machine. Creating a Python alternative that achieves the same results may therefore come in handy, not only for conducting a successful penetration test but also as a great Python exercise.

Let’s get started:

Let's start by creating our project directory and the file nc-alt.py: netcat-alternative –> nc-alt.py

PS: You can find the explanations of the code in the comments, after each #.

Inside nc-alt.py

First, we import the necessary libraries.

    #!/usr/local/bin/python2.7
    # the shebang above selects the Python 2.x interpreter this script needs
    import sys         # access to variables used or maintained by the interpreter and to functions that interact strongly with it
    import socket      # access to the socket interface
    import getopt      # parser for command-line options
    import threading   # for multi-threading tasks
    import subprocess  # spawn new processes, connect to their input/output/error pipes

Then let’s set some default settings:

    listen             = False
    command            = False
    upload             = False
    execute            = ""
    target             = ""
    upload_destination = ""
    port               = ""

Now we create our usage function:

I used .format() so that the {} is replaced with the name of the file, in case you want to change it.

Now we do the main function:

In the first section, we use the global keyword so that we can modify the values of the variables I called settings earlier; otherwise, their values stay the same even after we alter them inside the function.

In the second section, we check whether the user supplied any arguments; if not, we call the usage function, which prints the correct way to use the tool.

In the third section, we collect user flags and arguments to be assigned to our global variables.

In the fourth section, we either just send data read from stdin, or we listen and potentially upload things, execute commands and drop a shell back, depending on the options specified by the user.
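Sections one to three of main(), sketched as an added example; this is not the author's code, which is not reproduced on this page, and it stops before the fourth section's network logic. The flag letters, long option names, usage text, the snapshot() helper and the port range check are assumptions; only the setting names and defaults come from the settings block above.

```python
import getopt

# Settings block from the page (same names and defaults).
listen, command, upload = False, False, False
execute, target, upload_destination, port = "", "", "", ""

def usage():
    # Stand-in: the page's usage() body is not shown; flag letters are assumed.
    print("usage: nc-alt.py -t target -p port [-l] [-c] [-e cmd] [-u path]")

def snapshot():
    # Hypothetical helper so callers can read the current settings.
    return (listen, command, execute, target, upload_destination, port)

def parse_args(argv):
    # Section 1: without `global`, the assignments below would only create
    # locals and the module-level settings would keep their defaults.
    global listen, command, execute, target, upload_destination, port
    # Section 2: nothing on the command line, so show usage and stop.
    if not argv:
        usage()
        return False
    # Section 3: collect flags and arguments (option names are assumptions).
    try:
        opts, _ = getopt.getopt(argv, "lce:t:p:u:", [
            "listen", "command", "execute=", "target=", "port=", "upload="])
    except getopt.GetoptError as err:
        print(str(err))
        usage()
        return False
    for opt, value in opts:
        if opt in ("-l", "--listen"):
            listen = True
        elif opt in ("-c", "--command"):
            command = True
        elif opt in ("-e", "--execute"):
            execute = value
        elif opt in ("-t", "--target"):
            target = value
        elif opt in ("-u", "--upload"):
            upload_destination = value
        elif opt in ("-p", "--port"):
            # Added check (not on the page): ASCII digits only, range 1-65535.
            digits_only = value != "" and value.strip("0123456789") == ""
            if not digits_only or not 1 <= int(value) <= 65535:
                print("invalid port: " + value)
                return False
            port = int(value)
    return True
```

In main() this would be called as parse_args(sys.argv[1:]) before any socket is opened, so a malformed port or unknown flag is rejected up front.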

Now we’ll move on and handle both our command execution and our full command shell.

–> We created a TCP server with threading. We used subprocess, which provides several ways to start and interact with client programs, and leveraged it to run commands on the local operating system and return the output to the client connected to us.

–> The try/except (exception handling) is there to let the user know when a command failed.

Brought to you by Jawady Muhammad Habib
