Post Exploitation Bind

Post Exploitation Bind

Post Exploitation Bind

PostShell is a post-exploitation shell that includes both a bind and a back connect shell. It also creates a fully interactive TTY which allows for job control. The stub size is around 14kb and can be compiled on any Unix-like system.

Why not use a traditional Backconnect/Bind Shell?

PostShell allows for easier post-exploitation by making the attacker less dependent on dependencies such as Python and Perl. It also incorporates both a back connect and bind shell, meaning that if a target doesn’t allow outgoing connections an operator can simply start a bind shell and connect to the machine remotely. Postell is also significantly less suspicious than a traditional shell due to the fact both the name of the processes and arguments are cloaked.

PostShell - Post Exploitation Bind

Features

  • Anti-Debugging, if ptrace is detected as being attached to the shell it will exit.
  • Process Name/Thread names are cloaked, a fake name overwrites all of the system arguments and file names to make it seem like a legitimate program.
  • TTY, a TTY is created which essentially allows for the same usage of the machine as if you were connected via SSH.
  • Bind/Backconnect shell, both a bind shell and back connect can be created.
  • Small Stub Size, a very small stub(<14kb) is usually generated.
  • Automatically Daemonizes
  • Tries to set GUID/UID to 0 (root)

You can also buy instant:

GET ANYTHING FROM G2A FOR FREE

Cashapp Money Transfer Click here

Paypal Money Transfer Click here

Western Union  Money Transfer Click here

Venmo Money Transfer Click here

Bank Money Transfer Click here to Contact Us

Leave a Reply