reverse-shell | A simple pure Go reverse shell framework over TLS

by adedayo Go Version: v0.0.2 License: BSD-3-Clause

X-Ray Key Features Code Snippets Community Discussions(3)Vulnerabilities Install Support

kandi X-RAY | reverse-shell Summary

reverse-shell is a Go library. reverse-shell has no bugs, it has no vulnerabilities, it has a Permissive License and it has low support. You can download it from GitHub.

You might be wondering ...

Support

Quality

Security

License

Reuse

Support

reverse-shell has a low active ecosystem.

It has 4 star(s) with 0 fork(s). There are 1 watchers for this library.

It had no major release in the last 12 months.

reverse-shell has no issues reported. There are no pull requests.

It has a neutral sentiment in the developer community.

The latest version of reverse-shell is v0.0.2

Quality

reverse-shell has 0 bugs and 0 code smells.

Security

reverse-shell has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

reverse-shell code analysis shows 0 unresolved vulnerabilities.

There are 0 security hotspots that need review.

License

reverse-shell is licensed under the BSD-3-Clause License. This license is Permissive.

Permissive licenses have the least restrictions, and you can use them in most projects.

Reuse

reverse-shell releases are available to install and integrate.

Installation instructions, examples and code snippets are available.

It has 348 lines of code, 17 functions and 4 files.

It has high code complexity. Code complexity directly impacts maintainability of the code.

Top functions reviewed by kandi - BETA

kandi has reviewed reverse-shell and discovered the below as its top functions. This is intended to give you an instant insight into reverse-shell implemented functionality, and help decide if they suit your requirements.

GenCerts generates certificate and private key files .
Run command line
genRootCert generates a new root certificate
handleConnection is used to process a single connection
saveKey saves the private key to a file
processBuiltInCommands processes built - in commands
saveCert is used to save a certificate
executeCommand runs the given command
generateOutput returns a JSON representation of the current user
runCommandProcessor runs a command process .

Get all kandi verified functions for this library.

reverse-shell Key Features

No Key Features are available at this moment for reverse-shell.

reverse-shell Examples and Code Snippets

No Code Snippets are available at this moment for reverse-shell.

Community Discussions

Trending Discussions on reverse-shell

Crypto Reverse Shell in Python3 - cd command does not change directory

How can I clean up the popen output of my C program?

How to interact with a reverse shell in Rust?

QUESTION

Crypto Reverse Shell in Python3 - cd command does not change directory

Asked 2021-Jun-27 at 18:12

The crypto server is started on a Kali Linux virtual machine, whereas the client shell is started on a Windows 10 virtual machine.

The reverse shell works. A connection is established and is persisted. I can run all types of commands from the shell such as - ifconfig, dir, ls, systeminfo, netstat, etc. However, the only problem is that I cannot enumerate the virtual machine's directories using the - "cd & cd .." command.

If I type cd from the Linux's shell I don't receive any errors neither the connection is closed. It seems like it executes the command on the Windows machine, but it does not return any response back.

I know that the question has been asked in the past and I have looked through the threads:

1.python3 - cd is not working in reverse shell

2.Reverse Shell Command with Python command gets stuck when trying to change directory

3.Subprocess changing directory

4.Equivalent of shell 'cd' command to change the working directory?

which I did not find helpful

I think I understand the nature of the problem, but I do not know how to address it. If anyone has any idea of what might be causing this behaviour, I would appreciate the help.

This is the crypto client shell

...

ANSWER

Answered 2021-Jun-27 at 18:12

while 1:

    encrypted_command = s.recv(1024)
    ...
    proc     = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
    ...
    s.send(encrypted_response)

Source https://stackoverflow.com/questions/68153581

QUESTION

How can I clean up the popen output of my C program?

Asked 2020-Aug-19 at 21:24

I am rewriting a simple reverse-shell program I made in python, now in C.

The program is supposed to be trying to connect to a host(netcat listening on the specified port) and then take the output from nc, sent over a tcp socket, and make a system call using popen() and then send back the terminal output via the socket connection to nc where it is displayed.

When I try sending commands the program returns what I requested, but also some giberish.

Ex.: /Users/jacob/Library/Developer/Xcode/DerivedData/backdoorfbhufkccmceisqaozrfitkmfsvge/Build/Products/Debu@Ԓ`? ??????0d?r?

(Output from nc in terminal, this was a 'pwd' command)

I also seem to have some kind of problem where a buffer isn't cleared? When I use the 'say' command(say [sentence] ) MacOS is supposed to use voice the sentence. This happens, but only the 2 first letters of the argument after 'say'(the 2 first characters of the sentence) and then says an earlier string. ('Successfully connected!')

Ex.: (command: 'say hello')

heSuccessfully connected!

I have tried to open the FILE stream in different places and

Code (after socket setup and connection):

...

ANSWER

Answered 2020-Aug-19 at 21:01

I think your main issue is here:

Source https://stackoverflow.com/questions/63494705

QUESTION

How to interact with a reverse shell in Rust?

Asked 2020-Apr-23 at 05:48

OpenBSD's Netcat implementation listens on a port with unix_bind()... basically the same behavior as Rust's TcpListener::bind(). Where I got lost in writing my listen function (emulating nc -l -p ) is how to interact with reverse shells.

As seemingly trivial as it sounds, I want listen to give me the sh-3.2$ prompt like nc -l -p does. All the Netcat-Rust implementations I dug up online don't allow me to interact with reverse shells like that.

Reverse shell code (Machine 1): (adapted from this question I asked years ago)

...

ANSWER

Answered 2020-Apr-23 at 05:48

Basically, we want to have two bi-directional redirections - one from stdin to the stream, and the other from stream to stdout.

We can accomplish this using the generic pipe_thread function below, which creates a dedicated OS thread for this (can be done more efficiently, but we want simplicity). In listen, we spawn two threads like this, and wait for them to terminate.

Source https://stackoverflow.com/questions/61297668

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install reverse-shell

Well, that's a good idea. A network intrusion detection system can do many things and can be used to detect attacks like this, for example, because netcat is done over plain TCP connection, it is possible to inspect packets and fingerprint data exfiltration and similar bad behaviour. The problem is that, unlike many similar approaches, this tool works over TLS, so good luck with that.

Support

This tool is intended to highlight a threat to protected systems and to demonstrate the difficulty in effectively defending against the threat. It is a very simple program that could be used to demonstrate the importance of monitoring outbound connections from your protected environment for the existence of maliciously planted backdoors. However, it is important to do that over TLS too as you'd not like third parties to sniff or inject themselves into your demo.

Find more information at: