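Python - Learning WebSocket

Face life's hardships with a grin. (from the song 《山丘》)

Preface

I have recently been writing a WebSocket connection in Python, and passing a shell over a socket, so this is a note on learning how to use it.

Roughly: the WebSocket client sends a system command, the command is forwarded over a socket to a remote server, and the shell output is returned to the WebSocket client.

Client

Nothing much to say; here is the code.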

<html>
<head>
  <title>Simple client</title>

  <script type="text/javascript">

    var ws;

    function init() {
      // Get the server IP (unused below; the address is hard-coded)
      var ip_addr = document.location.hostname;
      window.WebSocket = window.WebSocket || window.MozWebSocket;
      // Create the client connection. The port must match the port the
      // WebSocket server listens on.
      ws = new WebSocket('ws://' + '127.0.0.1' + ':9002');

      // Connect to Web Socket
      //ws = new WebSocket("ws://localhost:9001/");

      // Set event handlers.
      ws.onopen = function() {
        output("onopen");
      };

      ws.onmessage = function(e) {
        // e.data contains received string.
        output(e.data);
      };

      ws.onclose = function() {
        output("onclose");
      };

      ws.onerror = function(e) {
        output("onerror");
        console.log(e);
      };

    }

    function onSubmit() {
      var input = document.getElementById("input");
      // You can send message to the Web Socket using ws.send.
      ws.send(input.value);
      // Newlines are converted to <br> inside output(), after escaping.
      output("\n" + "send: " + input.value + "\n");
      input.value = "";
      input.focus();
    }

    function onCloseClick() {
      ws.close();
    }

    function output(str) {
      // Process the data for the socket connection used later.
      // Escape every HTML metacharacter (note the g flag) before turning
      // newlines into <br>, so shell output is displayed as text, not markup.
      var log = document.getElementById("log");
      var escaped = str.replace(/&/g, "&amp;").replace(/</g, "&lt;").
        replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/\n/g, "<br>");
      log.innerHTML = log.innerHTML + escaped;
    }

  </script>
</head>
<body onload="init();">
  <form onsubmit="onSubmit(); return false;">
    <input type="text" id="input">
    <input type="submit" value="Send">
    <button onclick="onCloseClick(); return false;">close</button>
  </form>
  <div id="log"></div>
</body>
</html>

Server

The server mainly uses websocket_server. The code is simple, so this is mostly a record.

from websocket_server import WebsocketServer

# Notify when a new client connects
# Called for every client connecting (after handshake)
def new_client(client, server):
    print("New client connected and was given id %d" % client['id'])
    server.send_message_to_all("Hey all, a new client has joined us")

# When an existing client leaves
# Called for every client disconnecting
def client_left(client, server):
    print("Client(%d) disconnected" % client['id'])

# Receive a message from the client.
# Called when a client sends a message
def message_received(client, server, message):
    if len(message) > 200:
        message = message[:200]+'..'
    print("Client(%d) said: %s" % (client['id'], message))

PORT=9001
# Keyword arguments are used because the positional order of host and port
# differs between websocket_server releases.
# 0.0.0.0 listens on every interface; use 127.0.0.1 for local-only access.
server = WebsocketServer(port=PORT, host="0.0.0.0")
server.set_fn_new_client(new_client)
server.set_fn_client_left(client_left)
server.set_fn_message_received(message_received)
server.run_forever()

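The client sends a system command, which is handed over a socket to the remote server for processing. The shell output that comes back is then returned to the client.

To return the shell data to the client, just pass the whole socket through.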

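import time

def serverRecvData(client, server_socket):
    # Receive data from the remote server and send it to the WebSocket client.
    # ws_proxy_pool and uuid are defined elsewhere in the program (not shown here).
    ws_proxy = ws_proxy_pool.get(uuid)

    while True:
        time.sleep(1)
        data = server_socket.recv(4096)
        if not data:
            # An empty read means the remote side closed the connection.
            break
        target_data = data.decode(errors="replace")
        ws_proxy.server.send_message(ws_proxy.ws_client, target_data)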

At this point, the WebSocket client can receive the shell data.
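
Decoding each recv() chunk on its own, as the receive loop above does, breaks when a multi-byte UTF-8 character straddles two reads (an exception or replacement characters, depending on the error handler). The following is an added example, not the author's code: a relay loop built on an incremental decoder, where `relay_socket_to_ws`, the `send` callback (a stand-in for `server.send_message(client, text)`) and the sample payload are constructed for illustration.

```python
import codecs
import socket


def relay_socket_to_ws(server_socket, send, bufsize=4096):
    """Read from server_socket until EOF, passing decoded text to send().

    send is a hypothetical stand-in for server.send_message(client, text).
    Returns the number of bytes relayed.
    """
    # The incremental decoder buffers the leading bytes of a character cut
    # by a recv() boundary and completes it when the next chunk arrives.
    decoder = codecs.getincrementaldecoder("utf-8")(errors="replace")
    total = 0
    while True:
        chunk = server_socket.recv(bufsize)
        if not chunk:  # b"" means the peer closed the connection
            tail = decoder.decode(b"", final=True)
            if tail:
                send(tail)
            return total
        total += len(chunk)
        text = decoder.decode(chunk)
        if text:  # can be empty while a character is still incomplete
            send(text)


def demo():
    """Constructed sample output, read with a 4-byte buffer to force splits."""
    remote, local = socket.socketpair()
    payload = "total 0\n文件.txt\n".encode("utf-8")
    remote.sendall(payload)
    remote.close()
    received = []
    count = relay_socket_to_ws(local, received.append, bufsize=4)
    local.close()
    return count, "".join(received), payload


if __name__ == "__main__":
    print(demo())
```
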