1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
#! /usr/bin/env python
# Remote python server.
# Execute Python commands remotely and send output back.
# WARNING: This version has a gaping security hole -- it accepts requests
# from any host on the Internet!
import sys
from socket import *
import StringIO
import traceback
PORT = 4127
BUFSIZE = 1024
def main():
if len(sys.argv) > 1:
port = int(eval(sys.argv[1]))
else:
port = PORT
s = socket(AF_INET, SOCK_STREAM)
s.bind(('', port))
s.listen(1)
while 1:
conn, (remotehost, remoteport) = s.accept()
print 'connected by', remotehost, remoteport
request = ''
while 1:
data = conn.recv(BUFSIZE)
if not data:
break
request = request + data
reply = execute(request)
conn.send(reply)
conn.close()
def execute(request):
stdout = sys.stdout
stderr = sys.stderr
sys.stdout = sys.stderr = fakefile = StringIO.StringIO()
try:
try:
exec request in {}, {}
except:
print
traceback.print_exc(100)
finally:
sys.stderr = stderr
sys.stdout = stdout
return fakefile.getvalue()
main()
|
