curlrevshell_https

command
v0.0.0-...-ccf7c5e Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 7, 2025 License: BSD-3-Clause Imports: 15 Imported by: 0

README

curlrevshell_https

When loaded, perhaps with bash's enable, connects back to curlrevshell and hooks up the process's stdio to curlrevshell's /io URL path.

Meant to demonstrate hiding a Go library.

Config

Two variables may be set at compile-time using Go's -ldflags '-X Var=Value':

Var Value
PinnedPubKey Curlrevshell's Base64'd SHA256'd TLS fingerprint, with or without sha256//
URL Curlrevshell's URL, e.g. https://you/io.

Quirks

The process should expect stdin to be a pipe, or at least not try to seek. In bash, this usually means loading the library with something like

exec 0<<<"enable ./x.so"

Documentation

Overview

Library curlrevshell_https is a shared object file which hooks up stdio to Curlrevshell via HTTPS.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.