Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
847 views
in Technique[技术] by (71.8m points)

subprocess - Running netcat listener and sql injection in one python script

Hi so I'm pretty new to python programming and I've got an assignment that I'm busy with that requires me to do the following all in one python script:

1.Login to dvwa (BTW this is all being done in DVWA(Damn Vunerable Web Application)

2.Set up a listener

3.Send payload to DVWA using SQL Injection

4.Execute the payload (payload contains a simple netcat bind shell)

5.Receive the connection and use the shell

I've done most of this with success, the only thing I'm struggling with is creating a subprocess for the listener, I haven't worked with subprocesses before and it's very confusing.

So at the moment I'm calling netcat in a subprocess:

subprocess.call("nc -nvlp {}".format(port), shell=True)

But it's not executing the code after the listener subprocess because it's waiting for a connection, but a connection won't happen until the code below the listener gets executed. Any suggestions on how I would go about running more code after the listener subprocess? Thanks in advance.

question from:https://stackoverflow.com/questions/65842457/running-netcat-listener-and-sql-injection-in-one-python-script

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

I have found the solution, by running the subprocess in the background it completed the code below and gave me shell access.

So simply changing:

subprocess.call("nc -nvlp {}".format(port), shell=True)

To:

subprocess.Popen("nc -nvlp {}".format(port), shell=True)

Solved my problem !


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...