Penelope – Shell Handler

Penelope is an advanced shell handler. Its main aim is to replace netcat as the shell catcher when exploiting RCE vulnerabilities. It works on Linux and macOS, and the only requirement is Python3. It is a single script without third-party dependencies, and hopefully it will stay that way.

Among the main features are:

  • Auto-upgrade shells to PTY (auto-resize included)
  • Logging interaction with the targets
  • Download files from targets
  • Upload files to targets
  • Upload preset scripts to targets
  • Spawn backup shells
  • Multiple sessions
  • Multiple listeners
  • Can be imported by exploits and get a shell on the same terminal (see extras)

Penelope can work in conjunction with metasploit exploits by disabling the default handler with set DisablePayloadHandler True

It supports Windows shells, but auto-upgrade is not implemented yet. However, it can accept PTY shells from the excellent project ConPtyShell of @antonioCoco. Auto-resize of PTY is implemented.

Sample basic usage

penelope.py                   # Listening for reverse shells on 0.0.0.0:4444
penelope.py 5555              # Listening for reverse shells on 0.0.0.0:5555
penelope.py 5555 -i eth0      # Listening for reverse shells on eth0:5555

penelope.py -c target 3333    # Connect to a bind shell on target:3333

Demonstrating random usage (1)

  1. Executing penelope without parameters and getting a reverse shell
  2. Pressing F12 to detach the session and go to the main menu
  3. Run ‘recon’ command to upload preset privesc scripts to the target
  4. Interacting again with the session, confirming that scripts are uploaded
  5. Detaching again with F12 and downloading /etc directory from the target
  6. Kill the session and exiting with Ctrl-D

Demonstrating random usage (2)

  1. Adding an extra listener and showing all listeners
  2. Interacting with session 1
  3. Spawning 2 extra backup sessions
  4. Showing all sessions

Command line options

positional arguments:
  PORT                  Port to listen/connect to depending on -i/-c options. Default: 4444

Reverse or Bind shell?:
  -i , --address        IP Address or Interface to listen on. Default: 0.0.0.0
  -c , --connect        Bind shell Host

Hints:
  -a, --hints           Show sample payloads for reverse shell based on the registered listeners
  -l, --interfaces      Show the available network interfaces
  -h, --help            show this help message and exit

Verbosity:
  -Q, --silent          Show only errors and warnings
  -X, --extra-silent    Suppress all logging messages

Logging:
  -L, --no-log          Do not create session log files
  -T, --no-timestamps   Do not include timestamps on logs

Misc:
  -H, --no-history      Disable shell history on target
  -P, --plain           Just land to the menu
  -S, --single-session  Accommodate only the first created session
  -C, --no-attach       Disable auto attaching sessions upon creation
  -U, --no-upgrade      Do not upgrade shells

Debug:
  -d, --debug           Show debug messages
  -NP, --no-python      Simulate python absence on target
  -NB, --no-bash        Simulate bash absence on target