pwncat v0.0.21-alpha releases: Netcat on steroids with Firewall/IPS evasion, bind/reverse shell
pwncat
Netcat on steroids with Firewall and IPS evasion, bind and reverse shell, local and remote port-forward.
Motivation
Ever accidentally hit Ctrl+c on your reverse shell and it was gone for good? Ever waited forever for your client to connect back to you, because the Firewall didn’t let it out? Ever had a connection loss because an IPS closed suspicious ports? Ever were in need of port-forwarding, but you didn’t have SSH access?
This one got you covered.
Apart from that the current features of nc, ncat or socat just didn’t feed my needs and I also wanted to have a single tool that works on older and newer machines (hence Python 2+3 compat). Most importantly I wanted to have it in a language that I can understand and provide my own features with. (Wait for it, binary releases for Linux, MacOS, and Windows will come shortly).
⭐ Features
pwncat has many features, below is only a list of outstanding characteristics.
| Feature | Description |
|---|---|
| Bind shell | Create bind shells |
| Reverse shell | Create reverse shells |
| Proxy | Local and remote port forwards without SSH |
| Ctrl+c protect | A reverse shell can reconnect if you accidentally hit Ctrl+c |
| Detect Egress | Scan and report open egress ports on the target |
| Evade FW | Evade egress firewalls by round-robin outgoing ports |
| Evade IPS | Evade Intrusion Prevention Systems by being able to round-robin outgoing ports on connection interrupts |
| UDP rev shell | Try this with the traditional netcat |
| TCP / UDP | Full TCP and UDP support |
| Python 2+3 | Works with Python 2 and Python 3 |
| Cross OS | Should work on Linux, MacOS, and Windows as long as Python is available |
| Compatability | Use the traditional netcat as a client or server together with pwncat |
Changelog v0.0.21-alpha
Added
- Feature: Be able to inject multiple reverse shells
--self-injectby specifying a port list (comma separated, range or increment): https://www.youtube.com/watch?v=VQyFoUG18WY
Changed
- port argument not only takes comma seperated value or range, but now also an increment:
443+10
