1
00:00:00,660 --> 00:00:01,650
Instructor: Welcome back.

2
00:00:01,650 --> 00:00:03,330
Now that we covered our shell

3
00:00:03,330 --> 00:00:05,640
and target communication functions,

4
00:00:05,640 --> 00:00:08,310
it is time we employ the reliable send

5
00:00:08,310 --> 00:00:11,400
and reliable receive functions.

6
00:00:11,400 --> 00:00:14,370
So if I go to my server code right here,

7
00:00:14,370 --> 00:00:17,040
you will notice that we did code a part of the

8
00:00:17,040 --> 00:00:18,390
target communication function,

9
00:00:18,390 --> 00:00:21,120
but this is not really working.

10
00:00:21,120 --> 00:00:23,640
These functions do not exist.

11
00:00:23,640 --> 00:00:25,230
We must create them first,

12
00:00:25,230 --> 00:00:28,920
in order to be able to successfully send and receive data.

13
00:00:28,920 --> 00:00:32,369
Let's start with the reliable send function first.

14
00:00:32,369 --> 00:00:36,120
Since that one is easier, we just need to send the data.

15
00:00:36,120 --> 00:00:40,320
And for this we're going to use the JSON library

16
00:00:40,320 --> 00:00:43,080
in order to more easily parse the data.

17
00:00:43,080 --> 00:00:46,447
So down here I'm going to define reliable_send

18
00:00:47,460 --> 00:00:50,190
and reliable send will take one parameter.

19
00:00:50,190 --> 00:00:51,450
As we can see right here,

20
00:00:51,450 --> 00:00:54,090
it has to be the data that we are going to send.

21
00:00:54,090 --> 00:00:57,270
So we're just going to name that parameter, data.

22
00:00:57,270 --> 00:00:58,642
Then let's add two dots.

23
00:00:58,642 --> 00:01:00,630
And inside of the function

24
00:01:00,630 --> 00:01:04,739
we are going to define something called JSON data.

25
00:01:04,739 --> 00:01:07,170
And this is going to be a variable that is going to

26
00:01:07,170 --> 00:01:11,580
store the output of the dumps method

27
00:01:11,580 --> 00:01:15,510
from the JSON library onto our data.

28
00:01:15,510 --> 00:01:16,470
Now keep in mind,

29
00:01:16,470 --> 00:01:19,680
that this data is the actual command in our case.

30
00:01:19,680 --> 00:01:22,260
Since inside of the target communication function

31
00:01:22,260 --> 00:01:24,060
once we call the reliable send

32
00:01:24,060 --> 00:01:27,330
it parses the command inside of the brackets.

33
00:01:27,330 --> 00:01:29,130
So you can just change those commands

34
00:01:29,130 --> 00:01:31,170
to be this data right here.

35
00:01:31,170 --> 00:01:34,710
Then we perform the JSON dumps onto that command

36
00:01:34,710 --> 00:01:37,140
and we store it inside of JSON data.

37
00:01:37,140 --> 00:01:40,200
And finally we can use the send function

38
00:01:40,200 --> 00:01:41,730
from the socket library

39
00:01:41,730 --> 00:01:46,260
onto our target to send the actual data.

40
00:01:46,260 --> 00:01:48,360
So we can type JSON data.

41
00:01:48,360 --> 00:01:49,440
And just to remind you,

42
00:01:49,440 --> 00:01:53,820
this target is the actual target socket object

43
00:01:53,820 --> 00:01:56,760
that we get once we accept the connection.

44
00:01:56,760 --> 00:01:59,400
We're just using a socket send function

45
00:01:59,400 --> 00:02:03,090
onto this target object once we are sending the data.

46
00:02:03,090 --> 00:02:05,100
But one more thing before we finish

47
00:02:05,100 --> 00:02:06,660
with the reliable send function

48
00:02:06,660 --> 00:02:08,430
is that in Python three,

49
00:02:08,430 --> 00:02:11,280
once we are sending the data over sockets,

50
00:02:11,280 --> 00:02:15,120
we need to encode that data.

51
00:02:15,120 --> 00:02:16,350
So we can do that by

52
00:02:16,350 --> 00:02:18,600
simply specifying inside of the brackets,

53
00:02:18,600 --> 00:02:22,620
our data and then encode function onto it.

54
00:02:22,620 --> 00:02:25,320
Then it will first encode the data

55
00:02:25,320 --> 00:02:29,010
and then it will send it with the send function.

56
00:02:29,010 --> 00:02:30,780
Simple as that.

57
00:02:30,780 --> 00:02:34,740
Now the same thing we need to do with our reliable receive,

58
00:02:34,740 --> 00:02:36,840
so I'm going to code it right here.

59
00:02:36,840 --> 00:02:38,010
Reliable receive.

60
00:02:38,010 --> 00:02:38,940
And we know that

61
00:02:38,940 --> 00:02:41,760
the reliable receive doesn't take any parameters

62
00:02:41,760 --> 00:02:43,710
inside of the brackets.

63
00:02:43,710 --> 00:02:46,200
And what we are going to do to receive the data

64
00:02:46,200 --> 00:02:48,630
is we are first going to define a variable

65
00:02:48,630 --> 00:02:50,550
to be an empty string.

66
00:02:50,550 --> 00:02:52,533
We're just going to call it data.

67
00:02:53,370 --> 00:02:57,240
And we are going to then enter inside of the infinite

68
00:02:57,240 --> 00:02:58,800
while true loop.

69
00:02:58,800 --> 00:02:59,850
Inside of that loop,

70
00:02:59,850 --> 00:03:00,809
what we're going to try,

71
00:03:00,809 --> 00:03:03,480
is we are going to try to get the data

72
00:03:03,480 --> 00:03:08,480
by typing data=data+target.receive.

73
00:03:10,530 --> 00:03:11,760
And just to remind you,

74
00:03:11,760 --> 00:03:13,950
the receive function is the function

75
00:03:13,950 --> 00:03:15,060
from the socket library.

76
00:03:15,060 --> 00:03:17,160
So we are just using it once again

77
00:03:17,160 --> 00:03:18,930
onto our target connection.

78
00:03:18,930 --> 00:03:22,440
And this receive function takes one parameter.

79
00:03:22,440 --> 00:03:24,960
That is the amount of bytes that we want to receive.

80
00:03:24,960 --> 00:03:25,793
In our case,

81
00:03:25,793 --> 00:03:29,490
we are just going to specify thousand and 24 bytes.

82
00:03:29,490 --> 00:03:31,830
But this is not everything that we must do.

83
00:03:31,830 --> 00:03:34,200
Remember that once we are sending the data

84
00:03:34,200 --> 00:03:36,300
we actually encode the data.

85
00:03:36,300 --> 00:03:38,640
Well in order for us to get the data

86
00:03:38,640 --> 00:03:41,460
as it was before it got encoded,

87
00:03:41,460 --> 00:03:46,020
we must then decode the data once we receive it, right?

88
00:03:46,020 --> 00:03:48,030
And at the end we are going to add

89
00:03:48,030 --> 00:03:51,198
a strip function onto all of this.

90
00:03:51,198 --> 00:03:52,898
Okay, great.

91
00:03:52,898 --> 00:03:55,560
After that, once we receive the data,

92
00:03:55,560 --> 00:04:00,560
we can return from this function the json.loads of our data

93
00:04:02,010 --> 00:04:04,890
and this is just the format that we're going to output it.

94
00:04:04,890 --> 00:04:08,070
Since remember we must return from this function,

95
00:04:08,070 --> 00:04:11,010
as it does get stored inside of a variable.

96
00:04:11,010 --> 00:04:14,340
Our result will be our data.

97
00:04:14,340 --> 00:04:16,920
And in the except statement,

98
00:04:16,920 --> 00:04:20,010
of course, we must not forget that.

99
00:04:20,010 --> 00:04:23,130
So I'm going to go down here and add except.

100
00:04:23,130 --> 00:04:27,093
And what we are going to except is the value error.

101
00:04:28,200 --> 00:04:30,060
So in case we get the value error,

102
00:04:30,060 --> 00:04:33,213
we are simply going to continue with the execution.

103
00:04:34,320 --> 00:04:37,290
So once again, what is this function doing?

104
00:04:37,290 --> 00:04:41,100
Well, it initiates data variable to be empty string.

105
00:04:41,100 --> 00:04:45,960
Then we try to get thousand and 24 bytes from our target.

106
00:04:45,960 --> 00:04:48,630
If we add it to the previous data that we received,

107
00:04:48,630 --> 00:04:51,990
then we decode the data of course before adding it

108
00:04:51,990 --> 00:04:55,320
and then we strip it from any additional characters.

109
00:04:55,320 --> 00:04:58,680
We then return the JSON loads of that data

110
00:04:58,680 --> 00:05:01,770
and that will be stored inside of the results variable

111
00:05:01,770 --> 00:05:04,383
that we then print to our screen.

112
00:05:05,580 --> 00:05:07,650
So all we need to do right now

113
00:05:07,650 --> 00:05:10,470
is we need to add these two functions

114
00:05:10,470 --> 00:05:12,510
to our backdoor code as well.

115
00:05:12,510 --> 00:05:14,280
So copy them.

116
00:05:14,280 --> 00:05:17,223
Save the server code and then nano backdoor.

117
00:05:18,480 --> 00:05:19,313
Go up here

118
00:05:20,550 --> 00:05:22,683
and paste the functions.

119
00:05:23,970 --> 00:05:26,100
However, there is one thing that we must change

120
00:05:26,100 --> 00:05:29,430
and that is this target.send right here.

121
00:05:29,430 --> 00:05:32,550
Since we are not sending to the target from our backdoor,

122
00:05:32,550 --> 00:05:34,080
we are sending to the server

123
00:05:34,080 --> 00:05:37,590
and we initiated this socket object to be S.

124
00:05:37,590 --> 00:05:39,330
So this is our only socket object

125
00:05:39,330 --> 00:05:43,080
and we are going to use that to send our data.

126
00:05:43,080 --> 00:05:45,090
The same thing we want to do inside of the

127
00:05:45,090 --> 00:05:46,920
reliable receive function.

128
00:05:46,920 --> 00:05:49,170
We are not receiving from the target

129
00:05:49,170 --> 00:05:52,020
using the S socket object.

130
00:05:52,020 --> 00:05:53,670
Since if we left here target,

131
00:05:53,670 --> 00:05:56,400
target is undefined inside of our backdoor code.

132
00:05:56,400 --> 00:05:59,070
Therefore, it will throw us an error.

133
00:05:59,070 --> 00:06:00,993
Everything else can stay the same.

134
00:06:01,920 --> 00:06:04,860
And now that we got these two functions ready,

135
00:06:04,860 --> 00:06:05,693
in the next video

136
00:06:05,693 --> 00:06:07,470
we are going to write the part of the code

137
00:06:07,470 --> 00:06:09,270
that will execute the command.

138
00:06:09,270 --> 00:06:12,690
It is once again stored in this else statement right here.

139
00:06:12,690 --> 00:06:14,460
We for now just put the comment

140
00:06:14,460 --> 00:06:16,290
and in the next video we're going to use the

141
00:06:16,290 --> 00:06:19,320
subprocess library to perform the action

142
00:06:19,320 --> 00:06:21,090
of executing the command.

143
00:06:21,090 --> 00:06:22,390
See you in the next video.