<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: python7427 ython</title>
    <description>The latest articles on DEV Community by python7427 ython (@python7427_ython_5b792b77).</description>
    <link>https://dev.to/python7427_ython_5b792b77</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F4035231%2F0d8f60f0-439f-49c9-8bb3-13e4393481ec.jpg</url>
      <title>DEV Community: python7427 ython</title>
      <link>https://dev.to/python7427_ython_5b792b77</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/python7427_ython_5b792b77"/>
    <language>en</language>
    <item>
      <title>Building a Custom Netcat in Python: Achieving RCE and Remote File Uploads on Android 📱💻</title>
      <dc:creator>python7427 ython</dc:creator>
      <pubDate>Sat, 18 Jul 2026 12:33:10 +0000</pubDate>
      <link>https://dev.to/python7427_ython_5b792b77/building-a-custom-netcat-in-python-achieving-rce-and-remote-file-uploads-on-android-5752</link>
      <guid>https://dev.to/python7427_ython_5b792b77/building-a-custom-netcat-in-python-achieving-rce-and-remote-file-uploads-on-android-5752</guid>
      <description>&lt;p&gt;&lt;strong&gt;Introduction&lt;/strong&gt;&lt;br&gt;
Understanding how malicious actors gain Remote Code Execution (RCE) or exfiltrate data requires a solid grasp of low-level networking tools. While standard tools like netcat are readily available, rewriting them from scratch is one of the best ways to master socket programming and threat concepts.&lt;/p&gt;

&lt;p&gt;In this project, I built a custom Python implementation of Netcat (netcat.py). Using nothing but my Android device running Termux, I successfully bound the script to the local wildcard address (0.0.0.0), simulated an RCE payload execution, and remotely pushed a file to the system. Here is how the tool works and how I tested it in a mobile lab environment.&lt;br&gt;
&lt;strong&gt;How the Script Works&lt;/strong&gt;&lt;br&gt;
Instead of breaking down the code line by line, let’s look at the architectural design of this tool.&lt;br&gt;
The core of the netcat.py script relies on Python’s standard socket, threading, and subprocess modules. It is built as a multi-functional networking utility governed by command-line arguments handled via argparse. The tool operates in two fundamental modes:&lt;br&gt;
Client Mode (send): Connects directly to a targeted remote IP and port to transmit a data buffer or initiate an interactive session.  Server Mode (listen): Binds to a local interface (like 0.0.0.0 to listen on all available network interfaces) and waits for incoming connections. To keep the server responsive, each incoming client connection is offloaded to a separate worker thread&lt;br&gt;
Once a connection is established in server mode, the script executes one of three core workflows based on user flags:&lt;/p&gt;

&lt;p&gt;Command Execution (-e): Runs a specific system command via the host OS shell using subprocess and returns the output to the client.&lt;br&gt;
File Upload (-u): Continuous packets are read directly from the socket stream and compiled into a file buffer, which is then written locally to the target's disk.  Interactive Shell (-c): Spawns a lightweight loop acting as a remote command shell, passing received strings directly to the underlying terminal execution environment and feeding the results back across the socket.&lt;br&gt;
&lt;strong&gt;The Android Lab Setup &amp;amp; Proof of Concept&lt;/strong&gt;&lt;br&gt;
Testing offensive scripts on an unrooted Android device provides a highly contained sandbox environment. Here is how I validated the application's core functionality.&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Simulating the Target Environment (Listener)
First, I set up the script inside Termux to act as the target server. By binding it to 0.0.0.0, the script listens on all available interfaces, allowing connections locally or from the local network.&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;To simulate a scenario where we want to remotely drop a file onto the device, I initiated the listener with the upload flag:&lt;br&gt;
python netcat.py -t 0.0.0.0 -p 5555 -l -u=dropped_file.txt&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Executing the Remote File Upload (Client)
From a separate terminal instance (or a separate device on the same local network), I acted as the operator. By piping the contents of a local file into our custom client, the network socket cleanly transferred the data payload:
echo "This file was transferred via custom Python Netcat!" | python netcat.py -t 127.0.0.1 -p 5555
Upon receiving the stream, the listener on the Android environment successfully terminated the connection, closed the buffer, and saved dropped_file.txt to the file system exactly as intended.  Using the shell execution (-c or -e) flags, this same architecture effortlessly grants standard Remote Code Execution (RCE) to issue commands within the application's user permissions.
Takeaways &amp;amp; Defensive Considerations
Replicating these utilities reinforces a few crucial security paradigms:&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;Permissions Matter: Even without root access on Android, a userland environment like Termux can host network services capable of executing arbitrary commands within its application sandbox.&lt;br&gt;
Ingress Monitoring: Security systems must heavily monitor internal networks for unexpected listeners binding to wildcard addresses (0.0.0.0).&lt;br&gt;
Building tools like this completely reframes how you look at network protocols. If you are interested in trying this out or studying the implementation further, the full source code is available in my repository!&lt;br&gt;
If you are interested in trying this out, the full source code is available in my &lt;a href="https://github.com/pythonython7427-ops/netcat-developed-in-python" rel="noopener noreferrer"&gt;GitHub Repository&lt;/a&gt;!&lt;/p&gt;

</description>
      <category>cybersecurity</category>
      <category>python</category>
      <category>networking</category>
      <category>mobile</category>
    </item>
    <item>
      <title>How I Built a Network Scanner in Python Using Termux on an Unrooted Android Phone 📱🐍</title>
      <dc:creator>python7427 ython</dc:creator>
      <pubDate>Sat, 18 Jul 2026 12:06:59 +0000</pubDate>
      <link>https://dev.to/python7427_ython_5b792b77/how-i-built-a-network-scanner-in-python-using-termux-on-an-unrooted-android-phone-1kbk</link>
      <guid>https://dev.to/python7427_ython_5b792b77/how-i-built-a-network-scanner-in-python-using-termux-on-an-unrooted-android-phone-1kbk</guid>
      <description>&lt;p&gt;&lt;strong&gt;Introduction&lt;/strong&gt;&lt;br&gt;
In cybersecurity and networking, you don’t always need a high-end desktop setup to practice your skills. Sometimes, the best lab is the one right in your pocket.&lt;/p&gt;

&lt;p&gt;In this post, I will share how I successfully wrote and executed a network port and DNS scanner using Python and Scapy, running entirely inside Termux on an unrooted Android device. If you've ever wanted to turn your phone into a portable network analysis tool, here is how you can do it.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Why Termux and Scapy&lt;/strong&gt;?&lt;br&gt;
Termux brings a powerful Linux environment to Android without requiring root access. By pairing it with Scapy—a powerful Python-based interactive packet manipulation program—we can craft custom packets to scan systems for open ports (SYN scans) and active DNS services.&lt;/p&gt;

&lt;p&gt;Note: Because Scapy handles raw packet generation, running network scans on an unrooted phone can sometimes face socket restrictions. However, utilizing standard TCP/UDP scripting within Termux provides an incredible, lightweight learning lab.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The Code&lt;/strong&gt;&lt;br&gt;
Here is the Python script I used. It takes a target IP address, validates it using Python's native ipaddress module, and then performs a stealthy SYN scan alongside a DNS service check.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Python&lt;/strong&gt;&lt;br&gt;
from scapy.all import *&lt;br&gt;
import ipaddress&lt;/p&gt;

&lt;h1&gt;
  
  
  Common ports to target
&lt;/h1&gt;

&lt;p&gt;ports = [25, 80, 53, 443, 445, 8080, 8443]&lt;/p&gt;

&lt;p&gt;def SynScan(host):&lt;br&gt;
    print(f"\nScanning for open ports at {host}...")&lt;br&gt;
    ans, unans = sr(&lt;br&gt;
        IP(dst=host)/&lt;br&gt;
        TCP(sport=33333, dport=ports, flags="S"),&lt;br&gt;
        timeout=2, verbose=0&lt;br&gt;
    )&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;for (s, r) in ans:
    # Check if the replying packet has the SYN-ACK (SA) flags
    if s[TCP].dport == r[TCP].sport and r[TCP].flags == "SA":
        print(f"[+] Port {s[TCP].dport} is OPEN")
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;

&lt;p&gt;def DNSScan(host):&lt;br&gt;
    ans, unans = sr(&lt;br&gt;
        IP(dst=host)/&lt;br&gt;
        UDP(dport=53)/&lt;br&gt;
        DNS(rd=1, qd=DNSQR(qname="google.com")),&lt;br&gt;
        timeout=2, verbose=0&lt;br&gt;
    )&lt;br&gt;
    if ans:&lt;br&gt;
        print(f"[+] DNS Server active at {host}")&lt;/p&gt;

&lt;h1&gt;
  
  
  Main execution
&lt;/h1&gt;

&lt;p&gt;host = input("Enter Target IP Address: ")&lt;/p&gt;

&lt;p&gt;try:&lt;br&gt;
    ipaddress.ip_address(host)&lt;br&gt;
except ValueError:&lt;br&gt;
    print("[-] Invalid IP Address format.")&lt;br&gt;
    exit(-1)&lt;/p&gt;

&lt;p&gt;SynScan(host)&lt;br&gt;
DNSScan(host)&lt;br&gt;
Breaking Down How It Works&lt;br&gt;
IP Validation: The ipaddress library ensures the script doesn't crash or send malformed data if the user inputs an invalid string.&lt;/p&gt;

&lt;p&gt;The SYN Scan (SynScan): We craft a custom TCP packet with the flags="S" (SYN) flag. If the target port is open, it replies with a SYN-ACK (SA) flag, which our script catches and prints.&lt;/p&gt;

&lt;p&gt;The DNS Probe (DNSScan): It crafts a UDP packet bound for port 53 containing a standard DNS query for google.com. If a response comes back, we know a DNS server is up and listening.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Conclusion &amp;amp; Next Steps&lt;/strong&gt;&lt;br&gt;
Building tools like this on mobile proves that you don't need expensive infrastructure to learn networking fundamentals. Moving forward, I plan on adding multi-threading to speed up the scanning process and expanding the port list.&lt;/p&gt;

&lt;p&gt;Have you ever used Termux for network testing? Let’s talk about your favorite mobile setups in the comments below!&lt;/p&gt;

</description>
      <category>python</category>
      <category>networking</category>
      <category>cybersecurity</category>
      <category>mobile</category>
    </item>
  </channel>
</rss>
