pwncat v0.1 releases: Netcat on steroids with Firewall/IPS evasion, bind/reverse shell
Netcat on steroids with Firewall and IPS evasion, bind and reverse shell, local and remote port-forward.
Ever accidentally hit Ctrl+c on your reverse shell and it was gone for good? Ever waited forever for your client to connect back to you, because the Firewall didn’t let it out? Ever had a connection loss because an IPS closed suspicious ports? Ever were in need of port-forwarding, but you didn’t have SSH access?
This one got you covered.
Apart from that the current features of nc, ncat or socat just didn’t feed my needs and I also wanted to have a single tool that works on older and newer machines (hence Python 2+3 compat). Most importantly I wanted to have it in a language that I can understand and provide my own features with. (Wait for it, binary releases for Linux, MacOS, and Windows will come shortly).
pwncat has many features, below is only a list of outstanding characteristics.
|Bind shell||Create bind shells|
|Reverse shell||Create reverse shells|
|Proxy||Local and remote port forwards without SSH|
|Ctrl+c protect||A reverse shell can reconnect if you accidentally hit Ctrl+c|
|Detect Egress||Scan and report open egress ports on the target|
|Evade FW||Evade egress firewalls by round-robin outgoing ports|
|Evade IPS||Evade Intrusion Prevention Systems by being able to round-robin outgoing ports on connection interrupts|
|UDP rev shell||Try this with the traditional netcat|
|TCP / UDP||Full TCP and UDP support|
|Python 2+3||Works with Python 2 and Python 3|
|Cross OS||Should work on Linux, MacOS, and Windows as long as Python is available|
|Compatability||Use the traditional netcat as a client or server together with pwncat|
- Fixed UTF-8 char conversion for Python3
- Fixed calculation for socket bytes sent
- Fixed shutdown handling for port scanner
- Fixed false positives for port scanner
- Fixed sending binary data from stdin
- Fixed self-inject mode if remote sends greetings or prefixes: #83
- Fixed remote command to respawn if it crashes due to bad user input
- Implemented signal handler to distribute shutdown signals across threads
--no-shutdownto copy the behaviour of OpenBSD netcat to keep stdin open after EOF
- CI: Integration tests for inject shell
- CI: Integration tests for different file transfer modes
- Added artwork
- Changed behaviour to close after EOF on stdin (can be reverted via
- Added faster method to validate remote files in CNC mode