Showing posts with label Shell. Show all posts
Showing posts with label Shell. Show all posts

Sunday, 26 January 2014

[XSS Shell] XSS Backdoor and Zombie Manager



XSS Shell is powerful a XSS backdoor and zombie manager. This concept first presented by “XSS-Proxy – http://xss-proxy.sourceforge.net/”. Normally in XSS attacks attacker has one shot, in XSS Shell you can interactively send requests and get responses from victim. you can backdoor the page.

Download

This package includes the latest version of XSS Shell and XSSTunnel. XSS Shell can be used without XSS Tunnel, however you’ll get more out of it with XSS Tunnel.
Download XSS Shell and XSS Tunnel

Features

XSS Shell has several features to gain whole access over victim. Also you can simply add your own commands.
Most of the features can enable or disabled from configuration or can be tweaked from source code.
  • Regenerating Pages
    • This is one of the key and advanced features of XSS Shell. XSS Shell re-renders the infected page and keep user in virtual environment. Thus even user click any links in the infected page he or she will be still under control! (within cross-domain restrictions) In normal XSS attacks when user leaves the page you can’t do anything
    • Secondly this feature keeps the session open so even victim follow an outside link from infected page session is not going to timeout and you will be still in charge.
  • Keylogger
  • Mouse Logger (click points + current DOM)
  • Built-in Commands;
    • Get Keylogger Data
    • Get Current Page (Current rendered DOM / like screenshot)
    • Get Cookie
    • Execute supplied javaScript (eval)
    • Get Clipboard (IE only)
    • Get internal IP address (Firefox + JVM only)
    • Check victim’s visited URL history

Posted by at No comments:
Labels: , , , , , , , , , ,

Monday, 21 October 2013

[TinySHell] Ported to SCTP


You may have seen, a while ago, my post on SCTP reverse shells.

I realized quite quickly that I should definately do some more research in this direction, and hence ported one of my favourite Unix backdoors (which uses a TCP connection) to use a SCTP connection instead. This backdoor allows for a remote PTY, file upload, and file download. It also is encrypted connection.

The backdoor in question is ‘TinySHell’ by the inestimable Christophe Devine (who left quite a legacy of code, which I may start to maintain as he appears to have vanished. Chris, if you are out there, get in touch or something! Love your work!). I spent a short while examining the code, then quickly patched it up to replace all the TCP stuff with SCTP stuff. I imagine I could easily alter it to do UDP, and might try that later.

Anyways, without further ado, here is the code. Again, all credit to Chris, all I did was modify it!


Posted by at No comments:
Labels: , , ,

Tuesday, 23 April 2013

[Hidden CMD Detector] Discover Hidden Command prompts



Hidden CMD Detector is the free tool to discover Hidden Command prompts and detect any Hacker presence on your system.

The first thing any Hacker does on getting access to remote system is to run a hidden Command shell. This tool can help you to automatically detect any such hidden cmd prompts and keep your system safe from hackers.

It can help you to discover following type of command prompts,
  • Normal/Hidden Command Prompts
  • Renamed or custom Command Prompts
  • Reverse Command Shells launched by hacker Tools like netcat
  • Command Prompts launched by User/System Process

This tool can be easily automated to run at certain interval. It supports 3 output modes (normal, one liner, xml) making it easy to parse the result through the automation scripts.
It will be ideal tool to run on unattended machines periodically to detect any hacker activities and alert the administrators.

Posted by at No comments:
Labels: , , , ,

Wednesday, 10 April 2013

[ShellSave v1.0] Manten todas tus Shells ordenadas y en un sólo lugar


La idea de crear la ShellSave surge de la propia necesidad de contener de forma ordenada nuestra lista de backdoors web y evitar agendarlos en archivos de texto lo cuál es poco comodo a la hora de realizar una busqueda.

La ShellSave se encarga de ordenarlos de una manera prolija, trabajando mano a mano con una db y obteniendo datos a travez de la url pasada, tales como: ip, nombre del host y geolocalizacion del mismo.


Otra de las carácteristicas que posee es la de incluir a travez de un iframe la webshell selecciónada, esto se podría aprovechar montando el script en un servidor web para luego usarlo de próxy tras realizar la petición a nuestro backdoor.


Como ven se trata de una herramienta super sencilla pero que a la vez resulta de gran utilidad tras la post explotación de uno o varios objetivos.

  • El proceso de instalación es simple.
  • Crear una base de datos e importar el archivo sql que se encuentra en el directorio bd
  • Editar el fichero config.php con los datos correspondientes
  • Loguearse dentro de la ShellSave con el password por defecto “test”
  • Agendar nuestras webshells.


Web oficial: http://underterminal.nixiweb.com

Posted by at No comments:
Labels: , , ,

Thursday, 4 April 2013

[Hackersh] Free shell (command interpreter) written in Python

Hackersh ("Hacker Shell") is a free and open source (license) shell (command interpreter) written in Python with Pythonect-like syntax, builtin security commands, and out of the box wrappers for various security tools. It is like Unix pipeline, but for processing security information and metadata rather than bytes.


Download Hackersh version 0.1
Web: http://www.hackersh.org/
Posted by at No comments:
Labels: , , , , , ,
Subscribe to: Comments (Atom)