Kali Linux

PyShell : Multiplatform Python WebShell

PyShell is Multiplatform Python WebShell. This tool helps you to obtain a shell-like interface on a web server to be remotely accessed. Unlike other webshells, the main goal of the tool is to use as little code as possible on the server side, regardless of the language used or the operating system of the server.

Thanks to this, you can use different types of shells (aspx, php, jsp, sh, py…) both in Windows and Linux, with command history, upload and download files and even, moving through directories as if it were a standard shell.

Requirements

  • Python 3
  • Install requirements.txt

Download

It is recommended to clone the complete repository or download the zip file. You can do this by running the following command:

git clone https://github.com/JoelGMSec/PyShell

Usage

./PyShell.py -h
██████ ▓██ ░██ ██████ ██░ ██ ▓█████ ██▓ ██▓
▓██░ ██▒██░ ██▒██ ▒ ▓██ ██▒▓██ ▓██▒ ▓██▒
▓██░ ██▒ ██ ██░░ ▓███ ▒██████░▒████ ▒██░ ▒██░
▒██████ ▒ ░████▓░ ▒ ██▒░██ ░██ ▒██ ▒██░ ▒██░
▒██▒ ░ ░ ░ ██▒▓░▒██████▒▒░██▒░██▓░█████▒░██████▒░██████▒
▒██░ ░ ░ ██▒▒▒ ▒ ▒▓▒ ▒ ░ ▒ ░░▒░▒░░ ▒░ ░░ ▒░▓ ░░ ▒░▓ ░
░▒ ░ ▓██ ░▒░ ░ ░▒ ░ ▒ ░ ░ ░ ░ ░ ░░ ░ ▒ ░░ ░ ▒ ░
░░ ░ ▒ ▒ ░░ ░ ░ ░ ░ ░░ ░ ░ ░ ░ ░
░ ░ ░ ░ ░ ░ ░
————– by @JoelGMSec & @3v4Si0N —————
usage: pyshell.py [-h] [-a AUTH] [-c COOKIES] [-p PARAM] [-pi] [-su] [-ps] url method
positional arguments:
url Webshell URL
method HTTP Method to execute command (GET or POST)
optional arguments:
-h, –help show this help message and exit
-a AUTH, –auth AUTH Authorization header to use on each request
-c COOKIES, –cookies COOKIES
Cookie header to use on each request
-p PARAM, –param PARAM
Parameter to use with custom WebShell
-pi, –pipe Pipe all commands after parameter
-su, –sudo Sudo command execution (Only on Linux hosts)
-ps, –PowerShell PowerShell command execution (Only on Windows hosts)

R K

Recent Posts

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

16 hours ago

MODeflattener – Miasm’s OLLVM Deflattener

MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…

16 hours ago

My Awesome List : Tools And Their Functions

"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…

16 hours ago

Chrome Browser Exploitation, Part 3 : Analyzing And Exploiting CVE-2018-17463

CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…

16 hours ago

Chrome Browser Exploitation, Part 1 : Introduction To V8 And JavaScript Internals

The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…

16 hours ago

Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463

The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…

19 hours ago