RSPET

RSPET (Reverse Shell and Post Exploitation Tool) is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario.

DISCLAIMER: This software is provided for educational purposes and as a proof of concept. The developer(s) do not endorse, incite or in any other way support unauthorised computer access and networks disruption.

NOTE: As of v0.0.3 folder min has been added. Since the new version has many more features not essential to the main functionality (a reverse shell that is), min will not recieve any more features beyond v0.0.3 and will only get bug and performance related fixes.

Current Version: v0.1.0

Follow: @TheRSPET on Twitter for updates.

Features

• Remote Command Execution
• Trafic masking (XORed insted of cleartext); for better results use port 443[1]
• Built-in File/Binary transfer (both ways) over the masked trafic
• Built-in UDP Flooding tool
• Built-in UDP Spoofing tool[2]
• Multiple/All Hosts management; order File/Binary transfer and UDP Flood from Multiple/All connected Hosts
• Modular Code Design to allow easy customization[3]
• Client script is tested and is compatible with PyInstaller (can be made into .exe)[4]

*[1]The idea for XORing as well as the skeleton for the client came from primalsecurity.net so if you like this pack of scripts you'll probably love what they do

*[2]UDP Spoofing uses RAW_SOCKETS so in order to utilize it, the client has to run on an OS that supports RAW_SOCKETS (most Unix-Based) and with root privilages. Finally, most of the ISPs have implementations in place that will either drop or re-structure spoofed packets

*[3]See EXPANDING for how you can easily add new functionality and customize RSPET to your needs

*[4]Again check primalsecurity.net's perfect blogpost about producing an .exe

Deployment:

• rspet_server.py or RSPET_server_min.py is situated at the attacker's machine and running to accept connections
• rspet_client.py or RSPET_client_min.py is situated in the infected machine(s) and will initiate the connection and wait for input.

Execution:

• Server:

python rspet_server.py (max_connections) 

max_connections defaults to 5 if left blank

• Client:

python rspet_client.py server_ip

Many changes can be made to fit individual needs.

As always if you have any suggestion, bug report or complain feel free to contact me.

Distros

A list of Distros that contain RSPET

• BlackArch Linux (as of version 2016.04.28)
• ArchStrike

As Featured in

• seclist.us
• sillycon.org
• digitalmunition.me
• n0where.net
• kitploit.com
• Hakin9 IT Security Magazine

Todo

• Fix logic bug where if a dirrect command to Host OS has no output Server displays command not recognised
• Fix logic bug where if a dirrect command's to Host OS execution is perpetual the Server deadlocks
• Add client version and type (min or full) as a property when client connects and at List_Hosts
• Add client update mechanism (being worked on)
• Add UDP Reflection functionality (already in the workings)

Styleguide

This project is following Google's Python Styleguide with a minor varitation on the use of whitespaces to align ":" tokens.

Contribution Opportunities

This project is open for contributors. If you have implemented a new feature, or maybe an improvment to the current code feel free to open a pull request. If you want to sugest a new feature open an issue. Additionally Testers are needed to run a few standard scenarios (and a few of their own maybe) to decrease the chance a bug slips into a new version. Should there be any interest about testing a beta folder will be created (where code to be tested will be uploaded) along with a list of scenarios.

Author

panagiks

Contributors

• b3mb4m -- Code (tab.py and bug fixes)
• junzy -- Docstings (udp_spoof & udp_spoof_send)

License

MIT