Skip to content
/ reverseshellenum Public

Enumerates reverse shells. Great for defensive auditing. Great for lazy offense. Bad for stealth.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

fx2301/reverseshellenum

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits

LICENSE

LICENSE

 
 

README.md

README.md

 
 

generate.py

generate.py

 
 

listen.sh

listen.sh

 
 

reverseshellenum.sh

reverseshellenum.sh

 
 

shells.json

shells.json

 
 

Repository files navigation

Overview

Enumerates reverse shells from reveshells.com. Great for defensive auditing. Great for lazy offense. Bad for stealth.

Usage

On the server

LHOST="10.10.0.123" LPORT="31373" python3 generate.py # embeds LHOST and LPORT in reverseshellenum.sh
./listen.sh

On the client

./reverseshellenum.sh

Note that if you didn't generate the script in the previous section then this will connect to 127.0.0.1:31373.

Example output

$ ./listen.sh
[i] Starting Reverse Shell Audit
  [+] Success: Bash -i
  [+] Success: Bash 196
  [+] Success: Bash read line
  [+] Success: Bash 5
  [+] Success: ncat -e
  [+] Success: Perl
  [+] Success: Perl no sh
  [+] Success: PHP Emoji
[i] Ending Reverse Shell Audit

Update reverse shells

TODO: Fix parsing failure around line 98 of source data (remove head -n 95 work-around):

curl -sL https://raw.githubusercontent.com/0dayCTF/reverse-shell-generator/main/js/data.js | grep -v msfvenom | grep -A 1 -B 3 linux | grep -vE '^--$' | sed 's/^\s*\},/}/' | head -n 95 | jq -s . > shells.json

About

Enumerates reverse shells. Great for defensive auditing. Great for lazy offense. Bad for stealth.

Topics

linux reverse-shell enumeration offensive-security defensive-security

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages