1 00:00:02,200 --> 00:00:05,650 Time to code our download and upload functions.
2 00:00:06,370 --> 00:00:12,550 So for now, we coded a bunch of different options, such as executing commands, quitting out of the shell,
3 00:00:12,730 --> 00:00:14,650 changing directories, clearing the screen.
4 00:00:14,890 --> 00:00:20,710 But let's also see how we can create two functions that will allow us to download and upload files on
5 00:00:20,710 --> 00:00:21,540 the target machine.
6 00:00:22,660 --> 00:00:24,760 So let's start with server first.
7 00:00:25,150 --> 00:00:32,620 I'm going to navigate to my tools and to the backdoor directory here, nano our server, and inside
8 00:00:32,620 --> 00:00:38,950 of the server down here, we want to code the download function first. So the download function will be used
9 00:00:38,950 --> 00:00:41,270 to download the files from the target machine.
10 00:00:41,740 --> 00:00:46,780 And the reason why I'm saying this is because even though it is obvious from our server, we will be
11 00:00:46,780 --> 00:00:51,140 downloading files, but from our backdoor code, we will be uploading files.
12 00:00:51,790 --> 00:00:52,830 What do I mean by that?
13 00:00:53,200 --> 00:00:59,220 Well, since the backdoor will be running on the target system, for that machine the code will upload
14 00:00:59,230 --> 00:01:05,470 a file to our server, while from our server's perspective we will be downloading that file to our Linux
15 00:01:05,470 --> 00:01:05,810 machine.
16 00:01:06,460 --> 00:01:14,770 So inside of the server here, we want to add an option, or else if the command and then the first eight
17 00:01:14,770 --> 00:01:16,610 characters, and you might be wondering why.
18 00:01:16,610 --> 00:01:17,740 First eight characters.
19 00:01:18,190 --> 00:01:25,180 Well, because download has eight characters and we're comparing if the command starts with download,
20 00:01:25,420 --> 00:01:28,110 then we're going to download a specific file.
21 00:01:28,300 --> 00:01:32,500 And to do that, we're going to use the download underscore file function.
22 00:01:33,600 --> 00:01:38,910 This function will take the parameters of the file name, so we are going to type command and from the
23 00:01:38,910 --> 00:01:43,680 ninth character till the end. Of course, this function we are going to code right now.
24 00:01:43,860 --> 00:01:49,080 But just to clarify, why I wrote it like this is because once again, if the command is something like
25 00:01:49,080 --> 00:01:51,260 this, download file.txt.
26 00:01:52,860 --> 00:01:57,330 We're comparing the first eight characters, if they're equal to download. If they are,
27 00:01:57,360 --> 00:02:03,810 that means we are downloading a file, and then we will pass this to this download file function, since
28 00:02:03,810 --> 00:02:09,660 we are going to strip the first nine characters, which will be the download word and the empty space.
29 00:02:10,640 --> 00:02:18,200 OK, now that we did this, let us code the download function up here, so we are going to code it below
30 00:02:18,200 --> 00:02:19,340 the reliable receive.
31 00:02:19,490 --> 00:02:20,810 Let us define it first.
32 00:02:20,810 --> 00:02:23,870 So define the download underscore file.
33 00:02:24,890 --> 00:02:30,050 As we already know, this function takes one parameter, which is the file name.
34 00:02:32,190 --> 00:02:36,390 And this is going to be a little bit of a hard function to code, but let's give it a try.
35 00:02:36,420 --> 00:02:37,860 We're going to start like this.
36 00:02:38,460 --> 00:02:43,740 We're going to initiate a file object, and how we do that in Python, we simply specify the file object's
37 00:02:43,740 --> 00:02:45,870 name and then we open it.
38 00:02:48,030 --> 00:02:53,850 But besides opening it, we must specify the way we want to open it, whether we want to open it
39 00:02:53,850 --> 00:02:55,770 for reading or for writing.
40 00:02:56,250 --> 00:02:58,860 That is a second parameter to this open function.
41 00:02:58,860 --> 00:03:04,290 In this case, since we're going to download the file, we want to write the content that we receive
42 00:03:04,290 --> 00:03:07,780 from our backdoor to the file that we create on our Linux machine.
43 00:03:07,950 --> 00:03:12,300 Therefore, inside of our server code, we want to write bytes.
44 00:03:12,600 --> 00:03:14,050 So what does this mean?
45 00:03:14,310 --> 00:03:19,600 Well, we're opening this file object to store the contents of the file that we want to download.
46 00:03:19,920 --> 00:03:22,580 That's why we're going to write that content.
47 00:03:22,800 --> 00:03:26,460 And this W stands for write while this B stands for bytes.
48 00:03:26,470 --> 00:03:29,370 So we're essentially writing bytes to our file.
49 00:03:30,350 --> 00:03:35,280 Then another thing that we must add is the target dot set timeout.
50 00:03:35,690 --> 00:03:40,760 This is a function that we get from the socket library and we are going to set the timer to be one in
51 00:03:40,760 --> 00:03:41,350 this case.
52 00:03:42,110 --> 00:03:42,490 Why?
53 00:03:42,770 --> 00:03:48,180 Well, sometimes if we don't set the timeout, it might actually get stuck and not allow us to download
54 00:03:48,180 --> 00:03:48,600 the file.
55 00:03:48,920 --> 00:03:54,200 Of course, this timeout is something that at the end of this function, we must remove so it doesn't
56 00:03:54,200 --> 00:03:56,620 interfere with other commands and connections.
57 00:03:56,870 --> 00:03:59,240 But for this function, we must set the timer
58 00:03:59,510 --> 00:04:01,490 so our program doesn't crash.
59 00:04:01,940 --> 00:04:02,360 Great.
60 00:04:02,720 --> 00:04:08,000 Once we initiate a timeout, we're going to initiate a variable called chunk, and this chunk will be
61 00:04:08,000 --> 00:04:11,710 a small part of data that we're going to receive multiple times.
62 00:04:12,320 --> 00:04:17,570 So we're going to type target dot receive and we're going to specify inside of the brackets the amount
63 00:04:17,570 --> 00:04:18,740 of bytes that we want to receive.
64 00:04:18,740 --> 00:04:22,810 In this case, we are going to use a thousand and twenty four bytes.
65 00:04:23,540 --> 00:04:27,270 So how are we going to keep receiving data until the file size is over?
66 00:04:27,800 --> 00:04:35,300 Well, we can just type while chunk, and this while chunk will simply run this while loop as long as
67 00:04:35,300 --> 00:04:40,580 there is something inside of the chunk variable, and if there is something inside of the chunk variable,
68 00:04:40,670 --> 00:04:43,390 we want to write that something to our file.
69 00:04:43,400 --> 00:04:51,050 And we do that using our file object that we called f and using the write function onto that object,
70 00:04:51,440 --> 00:04:51,920 so f dot
71 00:04:51,930 --> 00:04:52,460 write.
72 00:04:52,460 --> 00:04:55,430 And we are writing the chunk inside of that file.
73 00:04:56,690 --> 00:05:03,650 Then after we write that, we're going to try to receive the chunk once again, so chunk equals target
74 00:05:03,650 --> 00:05:07,820 dot receive, we are going to go with two thousand twenty four bytes once again.
75 00:05:08,270 --> 00:05:18,650 And if we run into a timeout, so socket dot timeout as error, we are going to simply break out of
76 00:05:18,650 --> 00:05:23,600 this while chunk loop because that would mean that we reached the end of the file.
77 00:05:24,410 --> 00:05:32,930 And at the end, let's not forget to set the timeout to nonexistent, so we can do that by specifying
78 00:05:33,170 --> 00:05:36,110 target dot set timeout to None.
79 00:05:36,680 --> 00:05:42,140 We are simply just removing this statement right here that we initiated at the beginning of the download
80 00:05:42,140 --> 00:05:42,880 file function.
81 00:05:43,490 --> 00:05:49,940 And the one last thing that we must do is any time that we open a file object, once we are finished
82 00:05:49,940 --> 00:05:53,010 with that object, we must close it inside of our function.
83 00:05:53,210 --> 00:05:55,290 So I would just type f dot close.
84 00:05:56,060 --> 00:05:56,420 Great.
85 00:05:56,660 --> 00:06:01,430 This is our download file function that we're going to run inside of the server code.
86 00:06:01,790 --> 00:06:07,250 Now let's see how we can create the corresponding function to this inside of the backdoor
87 00:06:07,250 --> 00:06:14,960 code. Remember, from here we're downloading a file, but from the backdoor we are uploading a file.
88 00:06:15,710 --> 00:06:24,500 So what we must do right here is inside of the shell function, we must add an else if statement, so
89 00:06:24,500 --> 00:06:29,810 elif command first eight characters are equal equal to download.
90 00:06:29,960 --> 00:06:33,440 We are doing the same thing that we did in our server, just here
91 00:06:33,470 --> 00:06:37,630 we are going to call upload file onto the file name.
92 00:06:37,640 --> 00:06:39,950 So from the ninth character till the end.
93 00:06:41,200 --> 00:06:45,850 Since our backdoor is uploading a file, the function will be quite a lot easier to code.
94 00:06:45,850 --> 00:06:51,580 So let's go up here and below the connection function, we can define upload file.
95 00:06:52,550 --> 00:06:58,820 This, of course, will take filename as the parameter and the only thing we need to do is open the
96 00:06:58,820 --> 00:07:01,210 file that we want to upload to the server.
97 00:07:01,850 --> 00:07:06,860 In this case, we are going to define the file name as the first parameter, just as we did inside of
98 00:07:06,860 --> 00:07:09,080 our download file in the server code.
99 00:07:09,380 --> 00:07:13,750 Just this time we are going to read bytes from this file.
100 00:07:14,360 --> 00:07:14,730 Why?
101 00:07:14,870 --> 00:07:16,070 Well, from the backdoor
102 00:07:16,100 --> 00:07:20,780 we're not writing or storing a file onto the system.
103 00:07:20,900 --> 00:07:25,190 We're simply just reading the contents of the file that the server wants to download.
104 00:07:25,340 --> 00:07:29,060 And we are going to send that content to our server program.
105 00:07:29,950 --> 00:07:31,480 So how can we do that in Python?
106 00:07:31,660 --> 00:07:38,140 Well, we can type s dot send, and the thing that we are sending is f dot read.
107 00:07:39,610 --> 00:07:45,750 This is the entire upload file function, but before we actually close off this video, we must also
108 00:07:45,760 --> 00:07:47,090 code the upload function.
109 00:07:47,470 --> 00:07:52,440 What if we want to upload a file to the target system from our Kali Linux machine?
110 00:07:53,380 --> 00:07:58,930 Well, it is pretty much the same thing, we just need to reverse these two functions, which are upload
111 00:07:58,930 --> 00:08:00,220 file and download file.
112 00:08:00,790 --> 00:08:06,340 So what I'm going to do is I'm going to copy this function, save this program.
113 00:08:08,730 --> 00:08:17,070 Go to my server code and I'm going to paste the upload file function right above the download file just
114 00:08:17,070 --> 00:08:17,490 here.
115 00:08:17,550 --> 00:08:23,420 I'm going to change the s dot send into target dot send. When
116 00:08:23,430 --> 00:08:24,540 will this function run?
117 00:08:24,570 --> 00:08:28,200 Well, it will run if the command starts with upload.
118 00:08:28,230 --> 00:08:36,240 So let's define it down here in the target communication, or else if command and first six characters
119 00:08:36,240 --> 00:08:37,970 are equal equal to upload.
120 00:08:39,200 --> 00:08:46,130 Then we are calling the upload file function onto the command and from the seventh character till the
121 00:08:46,130 --> 00:08:52,100 end, once again from the seventh character, because after the seventh character starts the name of
122 00:08:52,100 --> 00:08:53,570 the file that we want to upload.
123 00:08:54,420 --> 00:08:55,240 OK, great.
124 00:08:55,260 --> 00:09:00,930 And one more thing that we must do is now we must copy this download file function and add it to our
125 00:09:00,930 --> 00:09:01,750 backdoor code.
126 00:09:02,280 --> 00:09:05,430 Let's save this, go to our backdoor code.
127 00:09:06,990 --> 00:09:09,690 And since we already have the upload file function,
128 00:09:11,020 --> 00:09:17,730 right below it, we're going to add the download file function, but of course, we must change this
129 00:09:17,740 --> 00:09:23,500 target into s because target is not initiated inside of our backdoor code, here as well.
130 00:09:25,090 --> 00:09:28,380 Inside of this statement as well, we must change.
131 00:09:28,390 --> 00:09:33,130 And at the end, once we remove the timeout, we must also add
132 00:09:33,130 --> 00:09:34,780 s. Great.
133 00:09:35,260 --> 00:09:41,600 Now that we did all of this, our functions should run. Just before we close off this video,
134 00:09:41,650 --> 00:09:46,000 we must also add the upload option inside of our shell function.
135 00:09:46,840 --> 00:09:52,300 So let's just go down here below the download and type or else if command
136 00:09:53,730 --> 00:09:58,770 first six characters are equal equal to upload.
137 00:10:01,210 --> 00:10:08,920 Then what we want to do is we don't want to upload the file, we want to download a file, and it is
138 00:10:08,920 --> 00:10:14,950 the same principle as with the previous function, since if the server sends the upload command, it
139 00:10:14,950 --> 00:10:17,350 wants to send its own file to our backdoor.
140 00:10:17,590 --> 00:10:22,590 Therefore, from the backdoor perspective, we are downloading that file to the target system.
141 00:10:23,290 --> 00:10:29,290 And what we must specify is command from the seventh character till the end.
142 00:10:30,340 --> 00:10:36,280 And that would be about it, we coded the download and upload functions. Now, we are not going to
143 00:10:36,370 --> 00:10:42,370 test them inside of this video, but in the next video, we're also going to test our previous commands
144 00:10:42,370 --> 00:10:48,340 and see if our backdoor works on the target system, if our quit command works, if execution of the
145 00:10:48,340 --> 00:10:54,130 commands work, if we can change the directory, and at the end we're going to see whether we can upload
146 00:10:54,280 --> 00:10:58,150 and download the file from that target machine. See you in the next video.