sslshell

package
v1.10.0

This package is not in the latest version of its module.

Published: Mar 21, 2024 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

sslshell is a simple c2 that listens for incoming SSL/TLS connections in order to establish a reverse shell.

The sslshell can generate its own server certificate, or the user can provide their own. It's often a smart idea to provide a unique certificate to avoid fingerprinting. To generate the required files you can use openssl:

openssl genpkey -algorithm RSA -out private_key.pem
openssl req -new -key private_key.pem -out csr.pem
openssl x509 -req -days 365 -in csr.pem -signkey private_key.pem -out certificate.pem

The private_key.pem and certificate.pem are then provided on the command line like so:

./cve-2021-22205_linux-arm64 -e -sslShellServer.PrivateKeyFile private_key.pem -sslShellServer.ServerField certificate.pem ...

If a certificate is not provided, this c2 will generate one on the fly, but it is likely vulnerable to fingerprinting.
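
Seen from the defender's side, the fingerprinting concern above looks like this (an added example, not code from sslshell or its module): two certificates generated from one template have different SHA-256 hashes, so a hash blocklist misses them, while subject, self-signed status and validity length repeat and can be matched. `CertTraits`, `Traits`, `constructedCert` and the template values are made up for illustration and do not reflect what sslshell actually generates.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// CertTraits holds certificate properties a detection rule can match on.
type CertTraits struct {
	SHA256, Subject string // hash of the DER bytes; subject copied from the template
	SelfSigned      bool   // signature verifies under the certificate's own key
	ValidDays       int
}

// Traits parses a DER-encoded certificate and extracts those properties.
func Traits(der []byte) (CertTraits, error) {
	c, err := x509.ParseCertificate(der)
	if err != nil {
		return CertTraits{}, err
	}
	sum := sha256.Sum256(der)
	self := c.CheckSignature(c.SignatureAlgorithm, c.RawTBSCertificate, c.Signature) == nil
	return CertTraits{fmt.Sprintf("%x", sum), c.Subject.String(), self, int(c.NotAfter.Sub(c.NotBefore).Hours() / 24)}, nil
}

// constructedCert self-signs a made-up template with a fresh key on every call.
func constructedCert() ([]byte, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	start := time.Date(2024, 1, 1, 0, 0, 0, 0, time.UTC)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: start, NotAfter: start.Add(365 * 24 * time.Hour),
		Subject: pkix.Name{Organization: []string{"Example Org"}, CommonName: "example.invalid"}}
	return x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
}

func main() {
	for i := 0; i < 2; i++ { // two runs: the hash differs, everything else repeats
		der, genErr := constructedCert()
		t, parseErr := Traits(der)
		fmt.Println(t, genErr, parseErr)
	}
}
```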

This c2 can accept multiple connections, but it currently can only handle interacting with one at a time.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Server

type Server struct {
	// The socket the server is listening on
	Listener net.Listener
	// The file path to the user provided private key (if provided)
	PrivateKeyFile string
	// The file path to the user provided certificate (if provided)
	CertificateFile string
}

func GetInstance added in v1.0.8

func GetInstance() *Server

Get a singleton instance of the sslserver c2.

func (*Server) CreateFlags added in v1.0.8

func (shellServer *Server) CreateFlags()

Create the flags for accepting custom TLS configurations.

func (*Server) Init

func (shellServer *Server) Init(ipAddr string, port int, isClient bool) bool

Parses the user provided files or generates the certificate files and starts the TLS listener on the user provided IP/port.

func (*Server) Run

func (shellServer *Server) Run(timeout int)

Listens for incoming SSL/TLS connections and spawns a reverse shell handler for each new connection.
