Shaco is a simple C Linux agent for the Havoc framework, available at Utilizing a hardcoded socket, Shaco communicates with the server over HTTP.


This is the list of commands that the agent supports:

  • shell { command }
  • upload { localfile remotefile }
  • download { remotefile } – download file from remote
  • sleep { time }
  • jitter { time }
  • cd { path } – change directory
  • checkin – re-register the agent and show its information
  • pwd – show the location
  • exit


Features of Shaco agent

  • Random Connect ( randomint(sleep, sleep + jitter) )
  • Random hash in the HTTP traffic sent, to avoid rules
  • Hardcoded HTTP client
  • Custom Memory Management
  • Minimal
  • No dependencies
  • Inline syscalls
  • Hides its cmdline by changing it to that of a random process on the target
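
From the defender's side, the Random Connect behaviour listed above means the gap between check-ins never drops below `sleep` and never exceeds `sleep + jitter`. The following is an added example, not code from Shaco or Havoc; the log format, thresholds and function names are assumptions. It estimates both values per client from constructed proxy-log lines.

```python
from collections import defaultdict

def constructed_log():
    """Constructed proxy-log lines ('epoch client method path'), not real traffic."""
    samples = (("10.0.0.5", [12, 10, 14, 11, 15, 13, 10]),  # sleep=10, jitter=5
               ("10.0.0.9", [1, 45, 2, 300, 3, 20, 7]))     # interactive browsing
    lines = []
    for client, gaps in samples:
        t = 1_700_000_000
        for gap in [0] + gaps:
            t += gap
            lines.append(f"{t} {client} POST /")
    return sorted(lines)  # equal-width epochs, so text order is time order

def parse(lines):
    """Group request timestamps by client address."""
    by_client = defaultdict(list)
    for line in lines:
        ts, client, _method, _path = line.split()
        by_client[client].append(int(ts))
    return by_client

def beacon_profile(times, min_gaps=6, min_floor=5, max_ratio=3.0):
    """Return estimated sleep/jitter if every gap sits in one bounded band.

    Assumed thresholds: at least min_gaps intervals, none shorter than
    min_floor seconds, and longest/shortest gap no more than max_ratio.
    """
    times = sorted(times)
    gaps = [b - a for a, b in zip(times, times[1:])]
    if len(gaps) < min_gaps:
        return None
    lo, hi = min(gaps), max(gaps)
    if lo <= 0 or lo < min_floor or hi / lo > max_ratio:
        return None
    return {"sleep": lo, "jitter": hi - lo}

def find_beacons(lines):
    """Map each client with a bounded-gap pattern to its estimated profile."""
    return {c: p for c, t in parse(lines).items() if (p := beacon_profile(t))}

if __name__ == "__main__":
    print(find_beacons(constructed_log()))
```

The thresholds are illustrative and should be tuned against your own baseline; legitimate pollers such as update checkers produce the same shape and need allow-listing.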

Running and Configuration/Compilation


git clone --recurse-submodules

After cloning this repo, you can execute the Python handler


Create an HTTP Havoc listener.

To compile the agent, use the Havoc payload generator in Attack -> Payload and choose the Shaco option.


The upload option will not function if the file size is greater than 7000 bytes because HTTP is hardcoded and does not support chunks in Havoc 0.6, a bug that is being worked on. 


TODO of the project

  • Implement python-support ( ex: pyload )
  • Implement in-memory file exec ( after havoc 0.6 )
  • Implement shared library injection to migrate the process
  • Better compilation using havoc
  • Update shell command to execute async
  • Create a “job” command equivalent to the Demon job command
  • Implement time to exec, ex: run_time 2020/02/02:10.05 rm -rf /
  • Configure compilation to compile for macOS and Android
  • Implement encryption for the communication ( after havoc 0.6 )
  • Automatic agent update ( optional )

Published by Aman Mishra

Aman Mishra is eJPT certified and always keen to learn new concepts and methodologies regarding cybersecurity. He is also a cyber security content writer and has a passion for sharing his knowledge about the latest threats and trends in the industry.
