hershell: Multiplatform reverse shell generator

by do son · January 6, 2020

Hershell

A simple TCP reverse shell is written in Go.

It uses TLS to secure the communications, and provide a certificate public key fingerprint pinning feature, preventing traffic interception.

Supported OS is:

Windows
Linux
Mac OS
FreeBSD and derivatives

Why?

Although meterpreter payloads are great, they are sometimes spotted by AV products.

The goal of this project is to get a simple reverse shell, which can work on multiple systems.

Usage

First of all, you will need to generate a valid certificate:

$ make depends

openssl req -subj '/CN=yourcn.com/O=YourOrg/C=FR' -new -newkey rsa:4096 -days 3650 -nodes -x509 -keyout server.key -out server.pem

Generating a 4096 bit RSA private key

....................................................................................++

.....++

writing new private key to 'server.key'

-----

cat server.key >> server.pem

For Windows:

For Linux:

For Mac OS X

Meterpreter staging

WARNING: this currently only works for the Windows platform.

The meterpreter staging currently supports the following payloads :