Comments (5)
Hi there,
Not sure what you mean by this, reverse ssh is quite large in size (even with upx) so the shellcode would be several megabytes which isn't particularly useful for any exploitation I know of.
As it currently stands reverse ssh is solidly a post exploitation tool that enables more advanced "management" of targets.
Rather than your first tool through the door.
If you define what youre looking to accomplish a bit more I might be able to help, but for now this will probably be marked as won't fix sorry!
from reverse_ssh.
Well for post exploitation it would be nice to add the ability to generate the shellcode or possibly allow the user to invoke shellcode stored from an external address from a hosted webserver hosting the binary shellcode instead of taking the raw hexadecimal shellcode data and having to input it into another executable. So during runtime it could grab the shellcode from the external address and execute it into memory without storing the shellcode to disk. I don't know that was just an idea that I had from seeing another github repository with the same idea. Of course this isn't utilizing shellcode but instead using AES encryption but I thought it might be a good idea to do the same with shellcode as well but I just wanted to give my input on something that might be useful in the future.
https://github.com/TheD1rkMtr/FilelessPELoader
from reverse_ssh.
Oh also I have another issue. When generating a windows x64 compiled client I am able to setup the RSSH_HOMESERVER but when generating the client and running it. It doesn't connect back to the server but when adding the -d arguments it works for connecting back to the server. But the RSSH_HOMESERVER argument during compiling should've made it so that the executable during runtime would connect back to the server without providing an argument. This is the command I used
GOOS=windows GOARCH=amd64 RSSH_HOMESERVER=172.26.122.47:4200 make client
from reverse_ssh.
So. In further review of your request, and the provided example this already exists in RSSH.
The RSSH server can generate and provide portal executables via http and the link
command in the server console. This lets you pull an RSSH client binary and from there its up to you to load it into memory however you wish.
If you're asking for me to implement something like the loader stage that would connect back to the RSSH server and pull said binary thats out of scope of this project.
from reverse_ssh.
As for your issue. I cannot replicate this. I have used your exact command line and can see the value is injected into the binary and when running with --foreground
can see the client connects
from reverse_ssh.
Related Issues (20)
- Running `link` with garble multiple times for windows fails HOT 12
- Unstable crashes when gvisor (VPN tun) active HOT 1
- Timeout on rssh HOT 13
- Add flag to disable CGO in the `link` command
- link --name documentation is unintuitive HOT 1
- Problems with protocol judgement HOT 1
- RSSH client over TLS
- Use http_proxy / https_proxy environment variables automatically on clients HOT 1
- shellcode generation HOT 1
- panic: runtime error: invalid memory address or nil pointer dereference HOT 14
- How can I use tls and wss HOT 3
- Bug in using python script on windows client HOT 2
- Client execution error under amd64 mac computer (upx issue) HOT 6
- Webserver disconnects when downloading more than 10MB client HOT 4
- Remote ssh forwarding fails [ssh: rejected: administratively prohibited] HOT 10
- The client supports opening an http proxy server HOT 4
- Dynamic Reverse Forwarding from Plain SSH Client HOT 1
- remark HOT 5
- refer Windows DLL ,is it support linux so generate?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from reverse_ssh.