Chashell

Reverse Shell over DNS

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

It comes with a multi-client control server, name chaser.

Communication security

Every packet is encrypted using symmetric cryptography (XSalsa20 + Poly1305), with a shared key between the client and the server.

Protocol

Chashell communicates using Protocol Buffers serialized messages. For reference, the Protocol Buffers structure (.proto file) is available in the proto folder.

Here is a (simplified) communication chart :

Keep in mind that every packet is encrypted, hex-encoded and then packed for DNS transportation.

Supported systems

Chashell should work with any desktop system (Windows, Linux, Darwin, BSD variants) that is supported by the Go compiler.

Download && Use

Author: Nicolas Chatelain <n.chatelain -at- sysdream.com>