
# rshsh

A set of reverse shell shell scripts

rshsh is an acronym for Reverse Shell SHell scripts.

A little bit of messing around with `socat`, and scraping Google for some examples, and I've put together a set of small scripts that will set up a server that will accept multiple clients and toss them into their own `tmux` windows.

It also generates client scripts that verify the server with the embedded TLS certificate, so it's a secure reverse shell haha.

## Setup

It's pretty simple: clone the repository to a server with a public IP.

Open up `vars` and adjust the relevant variables. The ones of interest are likely to be `port` and `hostname`, which specify the local port to listen on and the hostname the client will connect to, respectively.

Then run `./server.sh`. I recommend running it under `tmux` or `runsvdir` so the server is persistently running in the background. Neither `tmux` nor `runsvdir` is covered in depth here.

From there you can generate the client script with:

```
$ ./genclient.sh > /tmp/client.sh
```

And you can scp it off to your other boxes or whatever. Even copy and paste works.

## Building static socat

In the `socat` directory there's a `build.sh` that can be used to build a statically linked `socat` binary.

There's a script, `genclient-embed.sh`, which can then be used to generate a client script that has `socat` embedded.

## Attaching to a connected reverse shell

Should be as simple as:

```
tmux att -t rshsh
```

Run this from the user account that the server is running under. Each
connection will be placed in its own `tmux` window.


## Other configuration options

### Disabling auto re-connect

If for some reason you don't want to have the reverse shells attempt to
re-connect every 5 seconds after a disconnect, set `loop=0` in `vars`.
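
For anyone monitoring a network, the fixed 5-second retry described above shows up as a very regular series of outbound connection attempts to one destination. The following is an added example, not part of rshsh: the log format, field names, thresholds and function names are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample in a hypothetical export format:
# "<epoch seconds> <source host> <dest ip>:<dest port> <result>"
SAMPLE_LOG = """\
1700000000 web01 203.0.113.10:4443 refused
1700000005 web01 203.0.113.10:4443 refused
1700000010 web01 203.0.113.10:4443 refused
1700000015 web01 203.0.113.10:4443 refused
1700000020 web01 203.0.113.10:4443 refused
1700000025 web01 203.0.113.10:4443 established
1700000003 db01 198.51.100.7:443 established
1700000190 db01 198.51.100.7:443 established
1700000200 db01 198.51.100.7:443 established
1700000950 db01 198.51.100.7:443 established
"""

def parse(log):
    """Group connection timestamps by (source host, destination) pair."""
    flows = defaultdict(list)
    for line in log.splitlines():
        fields = line.split()
        if len(fields) != 4 or not fields[0].isdigit():
            continue  # skip malformed lines instead of failing
        ts, src, dst, _result = fields
        flows[(src, dst)].append(int(ts))
    return flows

def fixed_interval_retries(log, interval=5.0, tolerance=1.0, min_attempts=5):
    """Report flows whose attempts repeat at roughly `interval` seconds."""
    hits = []
    for (src, dst), stamps in sorted(parse(log).items()):
        if len(stamps) < min_attempts:
            continue  # too few attempts to call it a pattern
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        # Mean gap near the interval and almost no variation between gaps.
        if abs(mean(gaps) - interval) <= tolerance and pstdev(gaps) <= tolerance:
            hits.append({"src": src, "dst": dst, "attempts": len(stamps),
                         "mean_gap": round(mean(gaps), 2)})
    return hits

if __name__ == "__main__":
    for hit in fixed_interval_retries(SAMPLE_LOG):
        print(hit)
```

Setting `loop=0` removes this pattern, so the check covers only the default reconnect behaviour.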