RSPET: Reverse Shell and Post Exploitation Tool – Penetration Testing

RSPET

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

DISCLAIMER: This software is provided for educational and PenTesting purposes and as a proof of concept. The developer(s) do not endorse, incite or in any other way support unauthorised computer access and network disruption.

NOTE: min folder has been removed. The added overhead of maintaining two versions led to min not receiving bug-fixes and important updates. If there is interest, both in using and maintaining, a more bare-bones and simplistic version, a new branch will be created to host it.

Current Version: v0.3.1

Follow: @TheRSPET on Twitter for updates.

Documentation : rspet.readthedocs.io

Features

Remote Command Execution

Traffic masking (XORed instead of cleartext); for better results use port 443[1]

TLS Encryption of the Server-Client communication

Built-in File/Binary transfer (both ways) over the masked Encrypted traffic

Built-in UDP Flooding tool

Built-in UDP Spoofing tool[2]

Multiple/All Hosts management; order File/Binary transfer and UDP Flood from Multiple/All connected Hosts

Modular Code Design to allow easy customization

Client script is tested and is compatible with PyInstaller (can be made into .exe)[3]

Full server side Plug-in support[4]

Plug-in management, including the ability to Install(Download) and Dynamically Load Plug-ins.

RESTful API for the Server Module

*[1]The idea for XORing, as well as the skeleton for the client, came from primalsecurity.net, so if you like this pack of scripts you’ll probably love what they do.

*[2]UDP Spoofing uses RAW_SOCKETS, so in order to utilize it, the client has to run on an OS that supports RAW_SOCKETS (most Unix-Based) and with root privileges. Finally, most of the ISPs have implementations in place that will either drop or re-structure spoofed packets.

*[3]Again, check primalsecurity.net’s perfect blogpost about producing an .exe.

*[4]Detailed documentation on creating Plug-ins available in Online Documentation!

Deployment:

rspet_server.py is situated on the attacker’s machine and runs to accept connections.

rspet_client.py is situated in the infected machine(s) and will initiate the connection and wait for input.

Installation

git clone http://ift.tt/2tEvPkF

Executing ./setup.py while on the project’s root folder will generate the required certificates and install all needed components through pip.

Of course you can manually install the pip packages required by executing pip2 install Flask flask-cors. Also you can generate your own key-cert set (just name them server.key & server.crt and place them inside the Server folder).

Execution:

Server:

python rspet_server.py [-c #clients, --ip ipToBind, -p portToBind]

max_connections defaults to 5 if left blank

RESTful API:

python rspet_server_api.py [-c #clients, --ip ipToBind, -p portToBind]

Client:

python rspet_client.py [server_port]

Many changes can be made to fit individual needs.

As always, if you have any suggestion, bug report or complaint, feel free to contact me.


Source: http://ift.tt/1QVjfF2

The post RSPET: Reverse Shell and Post Exploitation Tool appeared first on Penetration Testing.
