[Tut] EzpzShell: An Easy-Peasy Python Script That Simplifies Revshell Creation - xSicKxBot - 02-11-2023
<div>
<p><code>EzpzShell = "Easy Peasy Shell" </code></p>
<figure class="wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube"><a href="https://blog.finxter.com/ezpzshell-a-cool-all-in-one-python-script-that-simplifies-revshell-creation/"><img src="https://blog.finxter.com/wp-content/plugins/wp-youtube-lyte/lyteCache.php?origThumbUrl=https%3A%2F%2Fi.ytimg.com%2Fvi%2F0UI4X6rigQA%2Fhqdefault.jpg" alt="YouTube Video"></a><figcaption></figcaption></figure>
<p class="has-base-background-color has-background"><strong>EzpzShell GitHub</strong>: <a rel="noreferrer noopener" href="https://github.com/H0j3n/EzpzShell" target="_blank">https://github.com/H0j3n/EzpzShell</a></p>
<h2>WHAT IS EzpzShell?</h2>
<div class="wp-block-image"> <figure class="aligncenter size-large"><a href="https://github.com/H0j3n/EzpzShell" target="_blank" rel="noreferrer noopener"><img decoding="async" src="https://github.com/H0j3n/EzpzShell/raw/main/demo.gif" alt=""/></a></figure> </div>
<p>EzpzShell is a Python script that helps to streamline the revshell payload and listener creation process for <a rel="noreferrer noopener" href="https://blog.finxter.com/top-developer-jobs-for-white-hat-hackers-in-2023/" data-type="post" data-id="428295" target="_blank">ethical hackers</a>, <a rel="noreferrer noopener" href="https://blog.finxter.com/how-i-set-up-my-virtual-hacking-laboratory-for-safe-and-legal-penetration-testing/" data-type="post" data-id="1116603" target="_blank">pentesters</a>, and <a rel="noreferrer noopener" href="https://blog.finxter.com/tryhackme-mr-robot-capture-the-flag-ctf-challenge/" data-type="post" data-id="955490" target="_blank">CTF gamers</a>.</p>
<div class="wp-block-image"> <figure class="aligncenter size-full"><img decoding="async" loading="lazy" width="527" height="348" src="https://blog.finxter.com/wp-content/uploads/2023/02/image-119.png" alt="" class="wp-image-1119016" srcset="https://blog.finxter.com/wp-content/uploads/2023/02/image-119.png 527w, https://blog.finxter.com/wp-content/uploads/2023/02/image-119-300x198.png 300w" sizes="(max-width: 527px) 100vw, 527px" /></figure> </div>
<p>It supports many file types and outputs several different payload options to choose from, letting you pick the most efficient one for your specific use case.</p>
<p>Today I’ll guide you through the installation and setup of <code>EzpzShell.py</code> on Kali Linux in a virtual hacking lab setup.</p>
<p class="has-base-background-color has-background"><strong>Recommended</strong>: <a href="https://blog.finxter.com/how-i-set-up-my-virtual-hacking-laboratory-for-safe-and-legal-penetration-testing/" data-type="post" data-id="1116603" target="_blank" rel="noreferrer noopener">How I Set Up My Virtual Hacking Laboratory for Safe and Legal Penetration Testing</a></p>
<h2>INSTALLATION</h2>
<div class="wp-block-image"> <figure class="aligncenter size-full"><img decoding="async" loading="lazy" width="606" height="911" src="https://blog.finxter.com/wp-content/uploads/2023/02/image-120.png" alt="" class="wp-image-1119019" srcset="https://blog.finxter.com/wp-content/uploads/2023/02/image-120.png 606w, https://blog.finxter.com/wp-content/uploads/2023/02/image-120-200x300.png 200w" sizes="(max-width: 606px) 100vw, 606px" /></figure> </div>
<p>We’ll need to temporarily switch the network setting on our attack machine (Kali) to “bridged adapter”. This gives our virtual machine its own IP address, as if it were a physical machine on our own network.</p>
<p>After switching the setting, we boot up Kali and grab the Git repo for <code>EzpzShell.py</code>.</p>
<div class="wp-block-image"> <figure class="aligncenter size-full"><img decoding="async" loading="lazy" width="722" height="493" src="https://blog.finxter.com/wp-content/uploads/2023/02/image-117.png" alt="" class="wp-image-1118929" srcset="https://blog.finxter.com/wp-content/uploads/2023/02/image-117.png 722w, https://blog.finxter.com/wp-content/uploads/2023/02/image-117-300x205.png 300w" sizes="(max-width: 722px) 100vw, 722px" /></figure> </div>
<div class="wp-block-image"> <figure class="aligncenter size-full"><img decoding="async" loading="lazy" width="588" height="263" src="https://blog.finxter.com/wp-content/uploads/2023/02/image-116.png" alt="" class="wp-image-1118928" srcset="https://blog.finxter.com/wp-content/uploads/2023/02/image-116.png 588w, https://blog.finxter.com/wp-content/uploads/2023/02/image-116-300x134.png 300w" sizes="(max-width: 588px) 100vw, 588px" /></figure> </div>
<p>Now that we have installed <code>EzpzShell.py</code> on our Kali VM, let’s shut it down and switch the network setting back to “host-only adapter”.</p>
<p>This will switch the internet off again and put the attack box back into the hacking lab network.</p>
<h2>CREATE A BASH ALIAS</h2>
<p>To simplify the command (<code>python3 ~/EzpzShell.py</code>) into a one-word command, we can add the following line to a new file, <code>.bash_aliases</code>:</p>
<div class="wp-block-image"> <figure class="aligncenter size-full"><img decoding="async" loading="lazy" width="811" height="109" src="https://blog.finxter.com/wp-content/uploads/2023/02/image-115.png" alt="" class="wp-image-1118927" srcset="https://blog.finxter.com/wp-content/uploads/2023/02/image-115.png 811w, https://blog.finxter.com/wp-content/uploads/2023/02/image-115-300x40.png 300w, https://blog.finxter.com/wp-content/uploads/2023/02/image-115-768x103.png 768w" sizes="(max-width: 811px) 100vw, 811px" /></figure> </div>
<p>Next, let’s run the following command to make the bash alias permanent.</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">source ~/.bashrc</pre>
<p>Now we can easily run <code>EzpzShell.py</code> from any directory on Kali with the command:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">ezpz</pre>
<h2>EXAMPLE OF A REVERSE SHELL WITH EZPZSHELL ON OUR VIRTUAL HACKING LAB</h2>
<div class="wp-block-image"> <figure class="aligncenter size-full"><img decoding="async" loading="lazy" width="626" height="400" src="https://blog.finxter.com/wp-content/uploads/2023/02/image-114.png" alt="" class="wp-image-1118926" srcset="https://blog.finxter.com/wp-content/uploads/2023/02/image-114.png 626w, https://blog.finxter.com/wp-content/uploads/2023/02/image-114-300x192.png 300w" sizes="(max-width: 626px) 100vw, 626px" /></figure> </div>
<p>We’ll run the command “<code>ezpz 192.168.60.4 8888 py</code>” to see a list of reverse shell payloads.</p>
<p>This is quicker than poking around the web for the right kind of shell, and it is also super handy that the listener is automatically started up and set to receive the revshell.</p>
<p>Let’s use the first payload, the Python script:</p>
<div class="wp-block-image"> <figure class="aligncenter size-full"><img decoding="async" loading="lazy" width="811" height="532" src="https://blog.finxter.com/wp-content/uploads/2023/02/image-113.png" alt="" class="wp-image-1118925" srcset="https://blog.finxter.com/wp-content/uploads/2023/02/image-113.png 811w, https://blog.finxter.com/wp-content/uploads/2023/02/image-113-300x197.png 300w, https://blog.finxter.com/wp-content/uploads/2023/02/image-113-768x504.png 768w" sizes="(max-width: 811px) 100vw, 811px" /></figure> </div>
<p>After copying and pasting this into a new <code>shell.py</code> file on the target machine, we can trigger the revshell by running the program there:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">python shell.py</pre>
<p>And we catch it with EzpzShell immediately on our Kali attack machine!</p>
<div class="wp-block-image"> <figure class="aligncenter size-large"><img decoding="async" loading="lazy" width="1024" height="444" src="https://blog.finxter.com/wp-content/uploads/2023/02/image-112-1024x444.png" alt="" class="wp-image-1118924" srcset="https://blog.finxter.com/wp-content/uploads/2023/02/image-112-1024x444.png 1024w, https://blog.finxter.com/wp-content/uploads/2023/02/image-112-300x130.png 300w, https://blog.finxter.com/wp-content/uploads/2023/02/image-112-768x333.png 768w, https://blog.finxter.com/wp-content/uploads/2023/02/image-112.png 1374w" sizes="(max-width: 1024px) 100vw, 1024px" /></figure> </div>
<h2>FINAL THOUGHTS</h2>
<div class="wp-block-image"> <figure class="aligncenter size-full"><img decoding="async" loading="lazy" width="608" height="919" src="https://blog.finxter.com/wp-content/uploads/2023/02/image-121.png" alt="" class="wp-image-1119024" srcset="https://blog.finxter.com/wp-content/uploads/2023/02/image-121.png 608w, https://blog.finxter.com/wp-content/uploads/2023/02/image-121-198x300.png 198w" sizes="(max-width: 608px) 100vw, 608px" /></figure> </div>
<p>As you can see, EzpzShell is a versatile Python script for reverse shell payload creation and listener spawning.</p>
<p>It seamlessly sets up our listener to catch the revshell using the file type of our choice from a long list of options. I’ll be adding EzpzShell to my regular pen-testing toolkit and am confident that it will save me lots of time down the road in various CTF challenges and pentesting scenarios.</p>
<p>Look out for EzpzShell in future hacking tutorial videos.</p>
<p class="has-base-background-color has-background"><strong>Recommended</strong>: <a href="https://blog.finxter.com/tryhackme-skynet-walkthrough-using-remote-file-inclusion/" data-type="URL" data-id="https://blog.finxter.com/tryhackme-skynet-walkthrough-using-remote-file-inclusion/" target="_blank" rel="noreferrer noopener">[TryHackMe] Skynet Walkthrough Using Remote File Inclusion</a></p>
</div>
https://www.sickgaming.net/blog/2023/02/08/ezpzshell-an-easy-peasy-python-script-that-simplifies-revshell-creation/
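The lab run above, seen from the defender's side: an interpreter process on the target dials out to the listener at 192.168.60.4:8888 and a shell then appears as its child. This is an added example, not code from the original post or the EzpzShell project; the event format, field names, port allowlist and time window are assumptions, and the log lines are constructed.

```python
import json

# Constructed endpoint telemetry, one JSON event per line, in time order.
# Field names are assumptions for this example, not real tool output.
SAMPLE_EVENTS = """
{"ts": 100, "type": "connect", "host": "target", "pid": 4101, "image": "/usr/bin/python3", "cmdline": "python shell.py", "dst_ip": "192.168.60.4", "dst_port": 8888}
{"ts": 101, "type": "exec", "host": "target", "pid": 4102, "ppid": 4101, "image": "/bin/sh", "cmdline": "/bin/sh"}
{"ts": 200, "type": "connect", "host": "target", "pid": 5200, "image": "/usr/bin/python3", "cmdline": "python3 -m pip install requests", "dst_ip": "203.0.113.10", "dst_port": 443}
{"ts": 300, "type": "exec", "host": "target", "pid": 6001, "ppid": 6000, "image": "/bin/bash", "cmdline": "bash backup.sh"}
{"ts": 400, "type": "connect", "host": "target", "pid": 7000, "image": "/usr/bin/curl", "cmdline": "curl http://192.168.60.4:8888/", "dst_ip": "192.168.60.4", "dst_port": 8888}
"""

INTERPRETERS = {"python", "python2", "python3", "perl", "php", "ruby", "node"}
SHELLS = {"sh", "bash", "dash", "zsh"}
ALLOWED_PORTS = {53, 80, 443}  # assumption: the site's normal egress ports
WINDOW_SECONDS = 30            # assumption: max gap between connect and shell


def find_reverse_shell_candidates(log_text, allowed_ports=ALLOWED_PORTS,
                                  window=WINDOW_SECONDS):
    """Flag a shell spawned by an interpreter that just dialled out."""
    dialled_out = {}  # (host, pid) -> connect event to a non-allowlisted port
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        name = ev["image"].rsplit("/", 1)[-1]
        if ev["type"] == "connect":
            if name in INTERPRETERS and ev["dst_port"] not in allowed_ports:
                dialled_out[(ev["host"], ev["pid"])] = ev
        elif ev["type"] == "exec" and name in SHELLS:
            parent = dialled_out.get((ev["host"], ev.get("ppid")))
            if parent and 0 <= ev["ts"] - parent["ts"] <= window:
                alerts.append({
                    "host": ev["host"],
                    "pid": parent["pid"],
                    "parent_cmdline": parent["cmdline"],
                    "dst": f'{parent["dst_ip"]}:{parent["dst_port"]}',
                    "shell": ev["image"],
                })
    return alerts


if __name__ == "__main__":
    for alert in find_reverse_shell_candidates(SAMPLE_EVENTS):
        print(alert)
```

Only the `python shell.py` event pair is flagged; the pip download on port 443, the unrelated `bash backup.sh` and the `curl` request to the same port are not.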