pwncat v0.0.21-alpha releases: Netcat on steroids with Firewall/IPS evasion, bind/reverse shell
Netcat on steroids with Firewall and IPS evasion, bind and reverse shell, local and remote port-forward.
Ever accidentally hit Ctrl+c on your reverse shell and it was gone for good? Ever waited forever for your client to connect back to you, because the Firewall didn’t let it out? Ever had a connection loss because an IPS closed suspicious ports? Ever been in need of port-forwarding, but you didn’t have SSH access?
This one got you covered.
Apart from that, the current features of nc, ncat or socat just didn’t meet my needs, and I also wanted to have a single tool that works on older and newer machines (hence Python 2+3 compat). Most importantly, I wanted to have it in a language that I can understand and add my own features to. (Wait for it, binary releases for Linux, MacOS, and Windows will come shortly).
pwncat has many features; below is only a list of its outstanding characteristics.
| Feature | Description |
|---|---|
| Bind shell | Create bind shells |
| Reverse shell | Create reverse shells |
| Proxy | Local and remote port forwards without SSH |
| Ctrl+c protect | A reverse shell can reconnect if you accidentally hit Ctrl+c |
| Detect Egress | Scan and report open egress ports on the target |
| Evade FW | Evade egress firewalls by round-robin outgoing ports |
| Evade IPS | Evade Intrusion Prevention Systems by being able to round-robin outgoing ports on connection interrupts |
| UDP rev shell | Try this with the traditional netcat |
| TCP / UDP | Full TCP and UDP support |
| Python 2+3 | Works with Python 2 and Python 3 |
| Cross OS | Should work on Linux, MacOS, and Windows as long as Python is available |
| Compatibility | Use the traditional netcat as a client or server together with pwncat |
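A defender-side view of the "Detect Egress" and "Evade FW" rows, as an added example that is not part of pwncat or the original page: it flags an internal host that tries many distinct destination ports on one external address within a short window, and reports which port finally got out. The log format, the function names, the 60-second window and the 4-port threshold are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed egress firewall log; the line format is an assumption for this example.
SAMPLE_LOG = """\
2024-05-01T10:00:00 DENY TCP 10.0.0.5 -> 203.0.113.7:4444
2024-05-01T10:00:02 DENY TCP 10.0.0.5 -> 203.0.113.7:4445
2024-05-01T10:00:04 DENY TCP 10.0.0.5 -> 203.0.113.7:4446
2024-05-01T10:00:06 DENY TCP 10.0.0.5 -> 203.0.113.7:8080
2024-05-01T10:00:08 ALLOW TCP 10.0.0.5 -> 203.0.113.7:443
2024-05-01T10:00:09 ALLOW TCP 10.0.0.9 -> 198.51.100.2:443
2024-05-01T10:00:10 DENY UDP 10.0.0.9 -> 198.51.100.2:53
2024-05-01T10:05:00 ALLOW TCP 10.0.0.9 -> 198.51.100.2:443
"""
LINE_RE = re.compile(r"(\S+) (ALLOW|DENY) (TCP|UDP) (\S+) -> (\S+):(\d+)")

def parse(log):
    """Turn log text into time-sorted (ts, action, src, dst, port) tuples."""
    events = []
    for line in log.splitlines():
        m = LINE_RE.fullmatch(line.strip())
        if m:  # silently skip lines that do not match the assumed format
            ts, action, _proto, src, dst, port = m.groups()
            events.append((datetime.fromisoformat(ts), action, src, dst, int(port)))
    return sorted(events)

def find_port_rotation(events, window=timedelta(seconds=60), min_ports=4):
    """Flag (src, dst) pairs that hit >= min_ports distinct ports inside one window."""
    by_pair = defaultdict(list)
    for ts, action, src, dst, port in events:
        by_pair[(src, dst)].append((ts, action, port))
    findings = []
    for (src, dst), evs in by_pair.items():
        start, best = 0, None
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1  # slide the window forward
            win = evs[start:end + 1]
            ports = {p for _, _, p in win}
            if len(ports) >= min_ports and (best is None or len(ports) > best[0]):
                best = (len(ports), win)  # keep the widest qualifying window
        if best:
            findings.append({
                "src": src, "dst": dst,
                "denied": sorted({p for _, a, p in best[1] if a == "DENY"}),
                "allowed": sorted({p for _, a, p in best[1] if a == "ALLOW"}),
            })
    return findings
```

A non-empty `allowed` list next to several `denied` ports marks the egress port that was eventually reached, which is the rule to review first.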
- Feature: Be able to inject multiple reverse shells with --self-inject by specifying a port list (comma separated, range or increment): https://www.youtube.com/watch?v=VQyFoUG18WY
- port argument not only takes comma separated values or a range, but now also an increment: