infodox/python-pty-shells infodox/python-pty-shells

  • Stars
    star
    735
  • Rank 61,652 (Top 2 %)
  • Language
    Python
  • License
    Do What The F*ck ...
  • Created about 11 years ago
  • Updated over 10 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
infodox/python-pty-shells
github

infodox

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Python PTY backdoors - full PTY or nothing!

python-pty-shells

Python PTY backdoors - full PTY or nothing!

Insecurety Research (2013)

The following is a collection of bind and reverse shells which give you a fully working PTY.

This is far superior to a normal bind or reverse shell, as you have job control and an interactive PTY and can do such things as use nano/vi to write files, su to elevate privs/change user, and ssh onward. You can also CTRL+C and suchlike.

I have implemented the bind and backconnect shells using the TCP protocol, the SCTP protocol, and the UDP protocol.

A demonstration video and blog post explaining the advantages/disadvantages of each technique is on the way, I just need to get around to it.

For the SCTP shell, you will need the PySCTP module and the host will need to support the SCTP protocol. Most modern Linux boxes do, however you may need to install lksctp and lksctp-dev to build the python extensions. I am unsure if pyinstaller or similar can get around this.

Released under the WTFPL - wtfpl.net

Project by Insecurety Research - insecurety.net

Author: Darren 'infodox' Martyn.

More Repositories

1

python-dll-injection

Python toolkit for injecting DLL files into running processes on Windows
Python
243
star
2

exploits

Some exploits and exploit development stuff.
Python
149
star
3

tsh-sctp

TinySHell port to SCTP
C
122
star
4

web-exploitation-engine

Generic Command Exploitation Engine for exploiting web application command-injection bugs,.
Python
32
star
5

fimap-aeshttp

Fimap post-exploitation plugin that injects dave Rel1k's AES HTTP Reverse Shell
Python
17
star
6

weevils

Fimap post-exploitation plugin that injects Weevely as a persistent PHP backdoor on the target server
9
star
7

vaporware

The most amazing project ever that will fix security problems forever! All of security is fixed now! We can pack up and go home! Defends against all viruses, hackers, malware, and even stupid users!
7
star
8

ICMP-Chat

P2P ICMP-based Chat Client
7
star
9

php-eval-shell

Quick and dirty project testing out eval() based PHP backdoors for research. Nothing special for now.
6
star
10

phpkit

PHP Backdooring framework using include() and php://input to execute code.
Python
4
star
11

tekmu

The Evil Karmetasploit Upgrade - Development for MSF4
Ruby
3
star
12

QuickSploit

Small script to exploit windows boxes quickly.
2
star
13

fimap-uploader

Fimap Upload-File plugin for uploading anything ever, like a PHP backdoor or something like that. Written on request, needs work
2
star
14

Palioxis

Linux self-destruction utility
1
star
15

php-findsock

Some experiments with PHP and socket stealing thanks to lolchina
1
star
16

tsh-original

Original tsh code, on which my sctp port is based
1
star