• Stars
    star
    344
  • Rank 120,140 (Top 3 %)
  • Language
    Python
  • License
    GNU General Publi...
  • Created about 4 years ago
  • Updated 2 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Simple CLI tool for the generation of bind and reverse shells in multiple languages

Shellerator

Shellerator is a simple command-line tool aimed to help pentesters quickly generate one-liner reverse/bind shells in multiple languages (Bash, Powershell, Java, Python...). Another similar project for the generation of one-line file downloading commands is based on this code Uberfile

This project is installed by default in the pentesting OS Exegol

Example (with menus)

Install

The install is pretty simple, just clone this git and install the requirements.

git clone https://github.com/ShutdownRepo/shellerator
cd shellerator
python3 setup.py install --user

Usage

Usage is dead simple too.

usage: shellerator.py [-h] [-b | -r] [-t TYPE] [-p LPORT] [-i LHOST]

Generate a bind/reverse shell

optional arguments:
  -h, --help              show this help message and exit
  -l, --list            Print all the types of shells shellerator can generate
  -b, --bind-shell        Generate a bind shell (you connect to the target)
  -r, --reverse-shell     Generate a reverse shell (the target connects to you)(Default)

Bind shell options:
  -t TYPE, --type TYPE    Type of the shell to generate (Bash, Powershell, Java...)
  -p LPORT, --port LPORT  Listener Port

Reverse shell options:
  -t TYPE, --type TYPE    Type of the shell to generate (Bash, Powershell, Java...)
  -i LHOST, --ip LHOST    Listener IP address
  -p LPORT, --port LPORT  Listener Port

If required options are not set, the tool will start in TUI (Terminal User Interface) with pretty menus but CLI works like a charm too.

Example (without menus)

To-Do List

Things to add

Here are some things to add that I have in mind, I'll work on that asap

  • Add bindshells
  • Add encrypted shells and separate them from bind/rev ?
  • Add webshells
  • Add some kind of option to help user get info on how to improve shell/tty (rlwrap, stty, ConPty (cf. PayloadsAllTheThings))

Sources & credits

This project is inspired by Print-My-Shell. Some commands come from the following links

More Repositories

1

The-Hacker-Recipes

This project is aimed at freely providing technical guides on various hacking topics: Active Directory services, web services, servers, intelligence gathering, physical intrusion, phishing, mobile apps, iot, social engineering, etc.
587
star
2

pywhisker

Python version of the C# tool for "Shadow Credentials" attacks
Python
548
star
3

Exegol

Exegol is a fully featured and community-driven hacking environment
Shell
468
star
4

smartbrute

Password spraying and bruteforcing tool for Active Directory Domain Services
Python
316
star
5

targetedKerberoast

Kerberoast with ACL abuse capabilities
Python
280
star
6

ShadowCoerce

MS-FSRVP coercion abuse PoC
Python
260
star
7

The-Hacker-Tools

This project is aimed at freely providing technical guides on various hacking tools.
75
star
8

telegram-bot-cli

This is a command line tool I use when I want to get notified, on Telegram (on my phone), that something has finished running (on my laptop).
Python
58
star
9

httpmethods

HTTP verb tampering & methods enumeration
Python
50
star
10

uberfile

Simple CLI tool for the generation of downloader oneliners for UNIX-like or Windows systems
Python
35
star
11

hashonymize

Anonymize your hashcat formatted files for online cracking
Python
26
star
12

Get-GPPPassword

Python script for extracting and decrypting Group Policy Preferences passwords
Python
19
star
13

CVE-2020-7961

Exploit script for CVE-2020-7961
Python
18
star
14

google-colab-hashcat

Jupyter Notebook
14
star
15

Exegol-images

Docker images of the Exegol project
Shell
1
star
16

CrackMapExec-MachineAccountQuota

CrackMapExec module that retrieves the "MachineAccountQuota" domain-level attribute.
Python
1
star