An advanced multi-threaded, multi-client python reverse shell for hacking linux systems

Related tags

Security related resourceswindowslinuxsocketreverse-shellhackingpython3ethical-hackingshell-scriptingmetasploittqdmethicalshellscriptingnoobseclevelivsecpwnlnx
Overview

PwnLnX

An advanced multi-threaded, multi-client python reverse shell for hacking linux systems. There's still more work to do so feel free to help out with the development. Disclaimer: This reverse shell should only be used in the lawful, remote administration of authorized systems. Accessing a computer network without authorization or permission is illegal.

πŸ“« Reach me out!

Twitter Badge Mail Badge Mail Badge Mail Badge Mail Badge

Communities πŸ•΅ πŸ•΅

Hang out with Xtreme Security family on Discord.

Discord

Getting Started

Please follow these instructions to get a copy of PwnLnX running on your local machine without any problems.

Prerequisites

  • Python3:
    • vidstream
    • pyfiglet
    • tqdm
    • mss
    • termcolor
    • pyautogui
    • pyinstaller
    • pip3
    • pynput

Installing

# Download source code
git clone https://github.com/OxTRAW/PwnLnX.git


cd PwnLnX

# download and  install the dipendences
chmod +x setup.sh

./setup.sh

Getting PwnLnx up and running

Show help

python3 PwnLnX.py --help

Listening for incoming connections

python3 PwnLnX.py --lhost [your localhost ip address] --lport [free port for listening incoming connections]

creating/Generating a payload

chmod +x PwnGen.sh

./PwnGen.sh

then follow the procedure to successifully create your payload, the payload is saved in PwnLnx directory. Send the created payload to victim

PwnLnx Usage

Command Usage
help show help
exit close all the sessions and quit the progaram.
show sessions show all available sessions from connected.
session [ID] interact with a specified session ID.
kill [all/ID] kill a specified session or all to kill all sessions.
banner have funny by changing the program banner

Interact with a session

Command Usage
help show help.
quit close the current session.
background background the current session.
sysinfo get minimum target system information.
create_persist create a persistant backdoor.
upload upload the specified filename to the target system.
download download the specified filename from the target system.
screenshot take a desktop screenshot of the target system.
start_screenshare start desktop screensharing.
stop_screenshare stop desktop screensharing.
start_keycap start capturing victim's pressed keystrokes.
dump_keycap dump/get the captured keystrokes.
stop_keycap stop the capturing keystrokes.

NB. you can also execute linux system commands besides those listed above.

Disclaimer

I will not be responsible for any direct or indirect damage caused due to the usage of this tool, it is for educational purposes only.

Report Bugs

[email protected]

Snapshots

Owner
0xTRAW
A Network Engineering Student who is always learning. I Spend most of time coding some ethical hacking projects.
0xTRAW
GitHub Repository
Now patched 0day for force reseting an accounts password

Animal Jam 0day No-Auth Force Password Reset via API Now patched 0day for force reseting an accounts password Used until patched to cause anarchy. Pro

IRIS 10 Nov 17, 2022
Python exploit for vsftpd 2.3.4 - Backdoor Command Execution

CVE-2011-2523 - vsftpd 2.3.4 Exploit Discription vsftpd, which stands for Very Secure FTP Daemon,is an FTP server for Unix-like systems, including Lin

Padsala Tushal 5 Nov 08, 2022
the swiss army knife in the hash field. fast, reliable and easy to use

hexxus Hexxus is a fast hash cracking tool which checks more than 30 thousand passwords in under 4 seconds and can crack the following types bcrypt sh

enigma146 17 Apr 05, 2022
Phishing Campaign Toolkit

King Phisher Phishing Campaign Toolkit Installation For instructions on how to install, please see the INSTALL.md file. After installing, for instruct

RSM US LLP 1.9k Jan 01, 2023
Script Crack Facebook Yang Kaya Akan Teh Hijau πŸšΆβ€β™‚

r-mbf Script Crack Facebook πŸšΆβ€β™‚ Bukti Recode [β€’] Install Script $ pkg update && pkg upgrade $ pkg install python $ pkg install git $ pip install requ

O'Hayo Smrn 3 Apr 02, 2022
Metal Gear Online 2 (MGO2) stage files decryption

Metal Gear Online 2 decryption tool Metal Gear Online 2 (MGO2) has an additional layer of encryption for stage files. I was not able to find info abou

4 Sep 02, 2022
Lightweight and beneficial Dependency Injection plugin for apscheduler

Implementation of dependency injection for apscheduler Prerequisites: apscheduler-di solves the problem since apscheduler doesn't support Dependency I

Glib 11 Dec 07, 2022
Mr.Holmes is a information gathering tool (OSINT)

πŸ” Mr.Holmes Mr.Holmes is a information gathering tool (OSINT). Is main purpose is to gain information about domains,username and phone numbers with t

534 Jan 08, 2023
A Python replicated exploit for Webmin 1.580 /file/show.cgi Remote Code Execution

CVE-2012-2982 John Hammond | September 4th, 2021 Checking searchsploit for Webmin 1.580 I only saw a Metasploit module for the /file/show.cgi Remote C

John Hammond 25 Dec 08, 2022
This is a proof-of-concept exploit for Grafana's Unauthorized Arbitrary File Read Vulnerability (CVE-2021-43798).

CVE-2021-43798 – Grafana Exploit About This is a proof-of-concept exploit for Grafana's Unauthorized Arbitrary File Read Vulnerability (CVE-2021-43798

Pedro Havay 12 Nov 18, 2022
This is an injection tool that can inject any xposed modules apk into the debug android app

This is an injection tool that can inject any xposed modules apk into the debug android app, the native code in the xposed module can also be injected.

Windy 32 Nov 05, 2022
Blinder is a tool that will help you simplify the exploitation of blind SQL injection

Blinder Have you found a blind SQL injection? Great! Now you need to export it, but are you too lazy to sort through the values? Most likely,

10 Dec 06, 2022
Proof of Concept Exploit for vCenter CVE-2021-21972

CVE-2021-21972 Proof of Concept Exploit for vCenter CVE-2021-21972

Horizon 3 AI Inc 210 Dec 31, 2022
Security offerings for AWS Control Tower

Caylent Security Catalyst Reference Architecture Examples This repository contains solutions for Caylent's Security Catalyst. The Security Catalyst is

Steven Connolly 1 Oct 22, 2021
Official repository for Pyew.

pyew Pyew is a (command line) python tool to analyse malware. It does have support for hexadecimal viewing, disassembly (Intel 16, 32 and 64 bits), PE

Joxean 362 Nov 28, 2022
Apache Solr SSRF(CVE-2021-27905)

Solr-SSRF Apache Solr SSRF #Use [-] Apache Solr SSRF漏洞 (CVE-2021-27905) [-] Options: -h or --help : ζ–Ήζ³•θ―΄ζ˜Ž -u or --url

Henry4E36 70 Nov 09, 2022
Mass Shortlink Bypass Merupakan Tools Yang Akan Bypass Shortlink Ke Tujuan Asli, Dibuat Dengan Python 3

Shortlink-Bypass Mass Shortlink Bypass Merupakan Tools Yang Akan Bypass Shortlink Ke Tujuan Asli, Dibuat Dengan Python 3 Support Shortlink tii.ai/tei.

Wan Naz ID 6 Oct 24, 2022
Nmap scanner with python

Nmap_scanner Usage: sudo python3 nmap_ping.py -i Network List.txt -o Output Folder Location Program can Run Ping Scan Run Port Scan Run Nmap Vuln

Arshaad Mohiadeen 3 Apr 13, 2022
This a simple tool XSS Detection Suite for CTFs games

This a simple tool XSS Detection Suite for CTFs games

Mostafa 2 Nov 24, 2021
About Hive Burp Suite Extension

Hive Burp Suite Extension Description Hive extension for Burp Suite. This extension allows you to send data from Burp to Hive in one click. Create iss

7 Dec 07, 2022