Statically-linked ssh server with reverse shell functionality for CTFs and such

* LHOST and LPORT parameters can now be given at compile time to create a non-interactive reverse shell binary. This is supposed to be more beneficial in some cases, where providing arguments might be difficult on the victim machine (see build tricks section in readme).
* -l has changed to work better with -p: -l is now only a boolean flag that enforces listening mode, even if a value for LHOST was given at compile time. This further streamlines usability, as your local listener can now be easily started with reverse-ssh -l, using the same binary that is executed on the victim.
* BPORT, the port at which the reverse connection will try to bind on the ssh host, is now exposed at compile time to aid in scenarios where a single listener catches reverse connections from multiple hosts/users (setting it to 0 results in automatic port acquisition).
* -N was added as a boolean command line flag to deny incoming shell/exec/subsystem connections. This allows running a local listener without unintentionally opening a backdoor on the attacker host.

Full Changelog: https://github.com/Fahrj/reverse-ssh/compare/v1.1.0...v1.2.0
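
The -N and BPORT behaviour in the v1.2.0 notes above, sketched as an added example that is not reverse-ssh's own code: a listener-side policy that refuses shell/exec/subsystem requests while still honouring a bind request, with port 0 resolved by the OS. The function names are hypothetical, and it is an assumption that -N leaves the bind request enabled; the request names and the tcpip-forward payload layout (string address, uint32 port) are from RFC 4254.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"net"
)

// allowChannelRequest: assumed -N policy; process-starting session requests are refused.
func allowChannelRequest(reqType string, noShell bool) bool {
	switch reqType {
	case "shell", "exec", "subsystem":
		return !noShell
	}
	return true // e.g. "pty-req", "env", "window-change" start nothing by themselves
}

// parseForward decodes a "tcpip-forward" payload: string bind address, uint32 port.
func parseForward(p []byte) (string, uint32, error) {
	if len(p) < 8 {
		return "", 0, errors.New("short payload")
	}
	n := binary.BigEndian.Uint32(p)
	if uint64(len(p)) != 8+uint64(n) {
		return "", 0, errors.New("length field does not match payload")
	}
	return string(p[4 : 4+n]), binary.BigEndian.Uint32(p[4+n:]), nil
}

// bindForward binds the requested port; port 0 lets the OS pick, and that port is returned.
func bindForward(addr string, port uint32) (net.Listener, uint32, error) {
	if port > 65535 {
		return nil, 0, errors.New("port out of range")
	}
	ln, err := net.Listen("tcp", net.JoinHostPort(addr, fmt.Sprint(port)))
	if err != nil {
		return nil, 0, err
	}
	return ln, uint32(ln.Addr().(*net.TCPAddr).Port), nil
}

func main() {
	// Constructed payload: bind address "127.0.0.1", port 0 (automatic acquisition).
	payload := append([]byte{0, 0, 0, 9}, "127.0.0.1"...)
	addr, port, _ := parseForward(append(payload, 0, 0, 0, 0))
	_, got, err := bindForward(addr, port)
	fmt.Println("bound port:", got, "err:", err, "shell under -N:", allowChannelRequest("shell", true))
}
```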
Among a few updates to the Readme, this release contains the following changes:
* Windows10 Build 17763 has been removed, as directly executing cmd yields a saner shell
* make
Improved Windows support compared to v1.0.0-alpha:
ssh-shellhost.exe
Default shell can now be specified during compilation via RS_SHELL