Ad End 1 February 2024
Ad Ends 13 January 2025
ad End 25 April 2025
Ad Ends 20 January 2025
Ad expire at 5 August 2024
banner Expire 25 April 2025
What's new
banner Expire 15 January 2025
banner Expire 20 October 2024
UniCvv
adv exp at 23 August 2024
casino
swipe store
Carding.pw carding forum
BidenCash Shop
Kfc CLub

Postshell Post Exploitation Bind Backconnect Shell

Dark_Code_x

TRUSTED VERIFIED SELLER
Staff member
Joined
Jun 28, 2020
Messages
6,618
Reaction score
715
Points
212
Awards
2
  • Somebody Likes you
  • First post
PostShell is a post-exploitation shell that includes both a bind and a back connect shell. It creates a fully interactive TTY which allows for job control. The stub size is around 14kb and can be compiled on any Unix like system.

Why not use a traditional Backconnect/Bind Shell?
PostShell allows for easier post-exploitation by making the attacker less dependant on dependencies such as Python and Perl. It also incorporates both a back connect and bind shell, meaning that if a target doesn't allow outgoing connections an operator can simply start a bind shell and connect to the machine remotely. PostShell is also significantly less suspicious than a traditional shell due to the fact both the name of the processes and arguments are cloaked.

Features

  • Anti-Debugging, if ptrace is detected as being attached to the shell it will exit.
  • Process Name/Thread names are cloaked, a fake name overwrites all of the system arguments and file name to make it seem like a legitimate program.
  • TTY, a TTY is created which essentially allows for the same usage of the machine as if you were connected via SSH.
  • Bind/Backconnect shell, both a bind shell and back connect can be created.
  • Small Stub Size, a very small stub(<14kb) is usually generated.
  • Automatically Daemonizes
  • Tries to set GUID/UID to 0 (root)
Download
 
Ad End 1 February 2024
Top