Kali Linux

Shells : Little Script For Generating Revshells

Shells is a script for generating common revshells fast and easy. Especially nice when in need of PowerShell and Python revshells, which can be a PITA getting correctly formatted.

PowerShell revshells

  • Shows username@computer, above the prompt and working-directory
  • Has a partial AMSI-bypass, making some stuff a bit easier
  • TCP and UDP
  • Windows Powershell and Core Powershell
  • Functions for uploading and downloading files. (Using Updog by sc0tfree)

ngrok support

  • ngrok can be started/stopped from inside the script
  • payloads will be genereated with the ngrok addresses

Updog support

  • you can start/stop Updog from inside the script
  • The PowerShell revshells have upload/download function embedded
  • To upload from nix using curl: curl -F path="absolute path for Updog-folder" -F file=filename http://UpdogIP/upload

To install Shells

git clone https://github.com/4ndr34z/shells
cd shells
./install.sh

Screenshots

YouTube Video

Version 1.4.8

  • Sometimes less is more. Removed the obfuscating on TCP/UDP PowerShell revshells, because it actually triggers AV more than it bypasses and the payload got really big 🙂 Still using randomization.

Version 1.4.6

  • Added webshells (ASPX, PHP, JSP)

Version 1.4.5

  • Added 2 c++ revshell binaries for Windows 32 and 64 bit.

Version 1.4.4

  • Fixed the handling of starting/stopping Updog

Version 1.4.3

  • Added Updog support
  • Added Netcat binaries.
  • Powershell: Created upload/download functionality (upload requires Updog for receiving files)
  • Added more information about running ngrok and Updog.

Version 1.4.2

  • PowerShell: Added a new “mini AMSI-bypass”. (It is a partial bypass) Based on Matt Graebers Reflection method
  • PowerShell: Added a “upload” function in the Powershell reverseshell

Version 1.4.1

  • Removed AMSI. Not tested enough 🙂

Version 1.4

  • Added AMSI-bypass for the powershell payloads

Version 1.3.9

  • Fixed bug when setting port
  • Changed default port to 443
  • PowerShell: obfuscated some more

Version 1.3.8

  • PowerShell: Minor changes to the UDP payload

Version 1.3.7

  • Using only native nc on macOS, because the one on homebrew doesn’t work on incoming UDP
  • PowerShell: Added UDP payloads

Version 1.3.6

  • PowerShell: Added more payloads

Version 1.3.5

  • PowerShell: Added some randomization and obfuscation for the payload

Version 1.3.4

  • PowerShell: Using UTF8 encoding in payload

Version 1.3.3

  • Added Golang

Version 1.3.2

  • Added OpenSSL

Version 1.3.1

  • Fixed bug in Python revshell
  • Added awk
  • Added Bash UDP

Version 1.3

  • Added Windows Python revshells

Version 1.2.9

  • Added a ngrok running-status

Version 1.2.8

  • Hiding ngrok choice if not installed

Version 1.2.7

  • Fixed the install options: not doing default option when pressing enter without making a choice

Version 1.2.6

  • Added support for ngrok.

Version 1.2.4

  • Added a install-script
  • Added install options for checking and installing missing dependencies

Version 1.2.3

  • Added a couple of PHP shells

Version 1.2.2

  • Added shells for: Ruby, Perl, Telnet and zsh

Version 1.2.1

  • Added copy to clipboard using pbcopy on macOS
  • Added info about listening netcat as the macOS versions doesn’t display that

Version 1.2

  • Added looping netcat shells. Calls back every 10 seconds. Great in case you loose your shell
  • Added check for netcat GNU netcat 0.7.0 Homebrew when running on macOS

Version 1.1

  • Added support for macOS
R K

Recent Posts

Playwright-MCP : A Powerful Tool For Browser Automation

Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…

3 weeks ago

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

3 weeks ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

3 weeks ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

3 weeks ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

3 weeks ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

3 weeks ago