一个 TLS 加密的反向 Shell

用法

$ trsh -h
trsh 0.1.2
南浦月 <[email protected]>
A TLS encrypted Reverse Shell

USAGE:
    trsh [FLAGS] [OPTIONS]

FLAGS:
    -h, --help       Prints help information
    -r               Readonly mode (client)
    -n               Do not verify the server certificate (client)
    -V, --version    Prints version information

OPTIONS:
    -c <FILE>             Certificate chain file (server, required)
    -d <DOMAIN>           Server name to verify (client)
    -k <FILE>             Private key file (server, required)
    -l <IP:PORT>          Listen address (server, required)
    -s <HOST:PORT>        Server address to connect (client, required)

服务器

$ trsh -l 0.0.0.0:2022 -c trsh.crt -k trsh.key
Server fingerprint: KjyG4ONKfTUjjsAzgEFcPpwCCaLeVtHgNqEAfWo9Oj8=
Waiting for client to connect...

客户端

$ trsh -r -n -s server.host:2022
Server fingerprint: KjyG4ONKfTUjjsAzgEFcPpwCCaLeVtHgNqEAfWo9Oj8=
Do you want continue? [y/N]
y
You can use "Ctrl + C" to disconnect at any time.

或者您也可以使用系统信任的证书而不使用 -n。

提示

生成自签名证书

openssl genrsa -out trsh.key 2048
openssl req -new -x509 -days 365 -key trsh.key -out trsh.crt -subj "/CN=trsh"

许可证

本项目遵循 MIT 协议。