tornado v1.3.5 releases: Anonymously Reverse shell over Tor Network using Hidden Services without portfortwarding

tornado

Anonymously Reverse shell over Tor Network using Hidden Services without port forwarding.

This project implements the tor network with the metasploit-framework tool and msfvenom module. You can easily create hidden services for your LHOST .onion domain without portforwarding. If you have experienced different remote administration tools, probably you know you need a forward port with VPN or NGROK but in this sense, the Tor network offers the possibility of making services in a machine accessible as hidden services without portforwarding, by taking advantage of the anonymity it offers and thereby preventing the real location of the machine from being exposed.

tornado can do

• create hidden service with tor network
• generate cross-platform msfvenom payload with fully undetectable shellcode execution, not shikata_ga_nai things
• hidden service becomes available outside tor network and ready to reverse shell connection

be careful with tor2web even onion network, the only suicide mission is wearing blinders. tornado is not secure from the victim’s point of view: the point of tor is that users can connect without being eavesdropped on and going through the clearnet with tor2web, even with https seriously cripples the efforts made to protect users.

Install

Built With

• Tor
• Metasploit
• Tor2Web

1. Clone the repo

   git clone https://github.com/samet-g/tornado.git

2. Install Python packages

   pip3 install -r requirements.txt

Use

• Run with Python as Administrator
  python3 tornado.py

Copyright (C) 2022 samet-g

Source: https://github.com/samet-g/