The common disadvantage of reverse shells is the lack of interactivity, meaning that they are session-less. That means they do not support fancy things like tab-completion, and they can't run text-based programs such as vim or mc. There are ways to bypass this limitation, though. In this article, we consider only the simplest session-less reverse shells where each command is run in isolation. Also, right now we will not support chained or piped commands.

Reverse shells are usually implemented as TCP connections using any ordinary port. In the case of heavily hardened
A workaround for this may be a reverse shell based on the HTTP derivatives such as WebSocket, or the newer gRPC (based on HTTP/2).

In this blog, we shall create a simple reverse shell with a rendezvous server using WebSockets.

CLIENT -> SERVER <- TARGET

We built a server that listens for incoming connections from two different applications. Multiple agent machines open connections to the server and keep them open all the time. The client app is used by a human operator. The client gets the list of connected agents from the server. One agent, and the client will open a connection to the server and await the operator's commands. The role of the server is to correctly relay commands and command results between client and agent.

The main advantage of WebSockets over classic TCP sockets is that they use the standard HTTP ports (80 or 443). Since WebSockets are based on HTTP, they should work in a typical corporate environment without issue. Instead of WebSockets we could use the newer and more efficient gRPC. Support for web browsers in gRPC is complicated, though. Hence, in this blog, we stay with WebSockets as the "most compatible" way.

Also, the three apps will be implemented in three different modern technologies.

Agent will be implemented in Go. This is a rather new but already widely adopted programming language from Google. Go combines the simplicity of Python with static typing. More importantly, its standard compiler produces statically linked native binaries for many platforms. It is generally a very good choice for many CLI desktop programs (e.g. Docker uses it) or network microservices.

Server will be implemented in Kotlin from JetBrains. Kotlin is a quite new language that is fully compatible with the Java runtime (JVM). Since Google adopted it as the main programming language for Android in 2017, it has gained significant adoption in the community. In addition, many Java backend dev teams are switching to Kotlin because Kotlin solves most of the Java coding issues while keeping 100% compatibility with any Java library or framework.

Client is a web application written in TypeScript using very

We won't describe the entire process of project initialization in some IDE or resolving dependencies using some language's

In the real-world scenario, you may have some projects already under development and only wish to add a reverse shell (or WebSocket in general) as a feature. Thus, in the article, we will show and explain only the necessary code. Of course, at the end of the article, we'll provide a link to the Git repository with

Due to the length, the implementation of the three programs (agent, server, client) will be split into sub-articles. Now we explain the implementation of the agent. The other two parts will be released shortly, but their source code can already be found here.

The agent will run on the computers to which we wish to connect and run remote commands. For simplicity, we assume that the agent will run on Windows. Since it will be a Go application, porting to another OS should be trivial. Note: It is not in the scope of this article how to get the agent on the computer.

General requirements for the reverse shell agents are that they should be small, lightweight on system resources, and easy to deploy. Go is a perfect language for such a task. Go programs are compiled into statically linked native executables for each supported platform, just like C/C++ but with modern tooling and automatic memory management. It tries to offer a pleasant development experience similar to Python or Java, while keeping the CPU/RAM performance characteristics similar to C/C++. Well, in practice, Go programs are not as performant as C/C++ programs, and the tooling and libraries/frameworks are not as robust or mature as those of Java/NodeJS/Python. But for simple self-contained tools, Go is one of the best languages right now.

Create a new Go project, or use some existing one, if you wish.
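The many always-open agent connections to a single rendezvous server described above are also what a defender would look for in HTTP proxy logs, because an HTTP proxy that sees the handshake records the Upgrade and how long the connection stayed up, regardless of the port. The following Go example is added here and is not code from the post; it assumes a constructed, space-separated proxy log with the fields timestamp, client, destination, method, path, status, Upgrade header value and connection duration in seconds, and it lists destinations to which several internal clients held WebSockets open for an hour or more.

```go
package main

import (
	"sort"
	"strconv"
	"strings"
	"time"
)

// SampleLog is a constructed proxy access log, not taken from the original post.
// Assumed fields: timestamp client dest method path status upgrade duration_seconds
var SampleLog = []string{
	"2024-03-01T09:00:05Z 10.0.1.11 relay.example.net GET /ws 101 websocket 7200",
	"2024-03-01T09:01:00Z 10.0.1.12 relay.example.net GET /ws 101 websocket 6500",
	"2024-03-01T09:03:00Z 10.0.1.14 chat.example.org GET /socket 101 websocket 45",
	"2024-03-01T09:04:00Z 10.0.1.15 relay.example.net GET /status 200 - 0",
}

// parseUpgrade extracts client, destination and connection lifetime from a line
// that records a completed WebSocket handshake (HTTP 101 plus Upgrade: websocket).
func parseUpgrade(line string) (client, dest string, d time.Duration, ok bool) {
	f := strings.Fields(line)
	if len(f) != 8 || f[5] != "101" || !strings.EqualFold(f[6], "websocket") {
		return "", "", 0, false
	}
	secs, err := strconv.Atoi(f[7])
	return f[1], f[2], time.Duration(secs) * time.Second, err == nil
}

// LongLivedWebSocketHosts returns, sorted, every destination to which at least
// minClients distinct clients held a WebSocket open for minDur or longer: the
// many-agents, one-rendezvous-server, always-open pattern described above.
func LongLivedWebSocketHosts(lines []string, minClients int, minDur time.Duration) []string {
	pairs, count := map[string]bool{}, map[string]int{} // count each client once per dest
	for _, l := range lines {
		client, dest, d, ok := parseUpgrade(l)
		if !ok || d < minDur || pairs[dest+" "+client] {
			continue
		}
		pairs[dest+" "+client] = true
		count[dest]++
	}
	var hosts []string
	for dest, n := range count {
		if n >= minClients {
			hosts = append(hosts, dest)
		}
	}
	sort.Strings(hosts)
	return hosts
}
```

On the constructed log, `LongLivedWebSocketHosts(SampleLog, 2, time.Hour)` reports only relay.example.net; the short-lived chat socket and the plain HTTP 200 request to the relay host are not counted.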