sslshell

package
v1.48.0 Latest
Warning

This package is not in the latest version of its module.

Published: Sep 15, 2025 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

sslshell is a simple c2 that listens for incoming ssl/tls connections in order to establish a reverse shell.

sslshell can generate its own server certificate, or the user can provide their own. It's often a smart idea to provide a unique certificate to avoid fingerprinting. To generate the required files you can use openssl:

openssl genpkey -algorithm RSA -out private_key.pem
openssl req -new -key private_key.pem -out csr.pem
openssl x509 -req -days 365 -in csr.pem -signkey private_key.pem -out certificate.pem

The private_key.pem and certificate.pem are then provided on the command line like so:

./cve-2021-22205_linux-arm64 -e -sslShellServer.PrivateKeyFile private_key.pem -sslShellServer.ServerField certificate.pem ...

If a certificate is not provided, this c2 will generate one on the fly, but it is likely vulnerable to fingerprinting.
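From the detection side, fingerprinting means recording attributes of the server certificate that stay constant across connections. The Go code below is an added example, not part of this package: it profiles a certificate the way a network sensor might, and `CertProfile`, `ProfileCert`, `SampleCert` and the `example.invalid` name are hypothetical names with constructed sample input that mirrors the 365-day self-signed certificate the openssl commands produce.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"fmt"
	"math/big"
	"time"
)

// CertProfile is what a sensor can record from one server certificate.
type CertProfile struct {
	SHA256, Subject string
	SelfSigned      bool
	ValidityDays    int
}

// ProfileCert hashes the DER certificate and flags it as self-signed when issuer equals subject and the signature verifies under its own key.
func ProfileCert(der []byte) (CertProfile, error) {
	c, err := x509.ParseCertificate(der)
	if err != nil {
		return CertProfile{}, err
	}
	sum := sha256.Sum256(der)
	self := bytes.Equal(c.RawIssuer, c.RawSubject) &&
		c.CheckSignature(c.SignatureAlgorithm, c.RawTBSCertificate, c.Signature) == nil
	return CertProfile{hex.EncodeToString(sum[:]), c.Subject.String(), self, int(c.NotAfter.Sub(c.NotBefore).Hours() / 24)}, nil
}

// SampleCert builds a constructed self-signed certificate (placeholder name) as sample input.
func SampleCert(cn string, days int) ([]byte, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	now := time.Now().UTC().Truncate(time.Second)
	t := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn},
		NotBefore: now, NotAfter: now.Add(time.Duration(days) * 24 * time.Hour)}
	return x509.CreateCertificate(rand.Reader, t, t, pub, priv)
}

func main() {
	der, _ := SampleCert("example.invalid", 365)
	fmt.Println(ProfileCert(der))
}
```

The SHA-256 value is identical every time the same certificate is presented, so a certificate reused across listeners can be matched by hash, while the self-signed flag, subject and validity period remain comparable even when the key changes.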

This c2 can accept multiple connections, but it currently can only handle interacting with one at a time.

Types

type Server

type Server struct {
	// The socket the server is listening on
	Listener net.Listener
	// The file path to the user provided private key (if provided)
	PrivateKeyFile string
	// The file path to the user provided certificate (if provided)
	CertificateFile string
	// contains filtered or unexported fields
}

func GetInstance added in v1.0.8

func GetInstance() *Server

Get a singleton instance of the sslserver c2.

func (*Server) Channel added in v1.43.0

func (shellServer *Server) Channel() *channel.Channel

Return the underlying C2 channel with metadata and session information.

func (*Server) CreateFlags added in v1.0.8

func (shellServer *Server) CreateFlags()

Create the flags for accepting custom TLS configurations.

func (*Server) Init

func (shellServer *Server) Init(channel *channel.Channel) bool

Parses the user provided files or generates the certificate files and starts the TLS listener on the user provided IP/port.

func (*Server) Run

func (shellServer *Server) Run(timeout int)

Listens for incoming SSL/TLS connections and spawns a reverse shell handler for each new connection.

func (*Server) Shutdown added in v1.43.0

func (shellServer *Server) Shutdown() bool

Shutdown the C2 and close server and client connections when applicable.
