EzpzShell: A Cool All-In-One Python Script That Simplifies Revshell Creation : Benjamin Reitz

EzpzShell: A Cool All-In-One Python Script That Simplifies Revshell Creation
by: Benjamin Reitz
blow post content copied from  Finxter
click here to view original post


5/5 - (1 vote)
YouTube Video

👉 EzpzShell GitHub: https://github.com/H0j3n/EzpzShell

WHAT IS EzpzShell?

EzpzShell is a Python script that helps to streamline the revshell payload and listener creation process for ethical hackers, pentesters, and CTF gamers.

There are many file types available, and it outputs several different payload options to choose from, letting you pick the most efficient option for your specific use case.

Today I’ll guide you through the installation and setup of EzpzShell.py on Kali Linux in a virtual hacking lab setup. 

👉 Recommended: How I Set Up My Virtual Hacking Laboratory for Safe and Legal Penetration Testing

INSTALLATION

We’ll need to temporarily switch the internet setting on our attack machine (Kali) to “bridged adapter”. This will create an IP for our virtual machine as if it was a physical machine on our own network.

After switching the setting, we boot up Kali and grab the Git repo for EzpzShell.py.

Now that we have installed EzpzShell.py on our Kali VM, let’s shut it down and switch the network setting back to “host-only adapter”.

This will switch the internet off again and put the attack box back into the hacking lab network.

CREATE A BASH ALIAS

To simplify the command (python3 ~/EzpzShell.py) into a one-word command we can add the following line to a new file .bash_aliases

Next, let’s run the following command to make the bash alias permanent.

source ~/.bashrc

Now we can easily run EzPzShell.py from any directory on Kali with the command:

ezpz

EXAMPLE OF A REVERSHELL EZPZSHELL ON OUR VIRTUAL HACKINGLAB

We’ll run the command “ezpz 192.168.60.4 8888 py” to see a list of reverse shell payloads.

This is quicker than poking around the web for the right kind of shell, and it is also super handy that the listener is automatically started up and set to receive the revshell.

Let’s use the first payload, the python script:

After copying and pasting this into a new shell.py file on the target machine, we can trigger the revshell by running the program on our target machine:

python shell.py

And we catch it with EzPzShell immediately on our Kali attack machine!

FINAL THOUGHTS

As you can see, EzPzShell is a versatile Python script for reverse shell payload creation and listener spawning.

It seamlessly sets up our listener to catch the revshell using the file type of our choice from a long list of options. I’ll be adding EzPzShell to my regular pen-testing toolkit and am confident that it will save me lots of time down the road in various CTF challenges and pentesting scenarios.

Lookout for EzpzShell in future hacking tutorial videos.

👉 Recommended: [TryHackMe] Skynet Walkthrough Using Remote File Inclusion


February 08, 2023 at 10:42PM
Click here for more details...

=============================
The original post is available in Finxter by Benjamin Reitz
this post has been published as it is through automation. Automation script brings all the top bloggers post under a single umbrella.
The purpose of this blog, Follow the top Salesforce bloggers and collect all blogs in a single place through automation.
============================

Salesforce