search

t3l3machus / hoaxshell

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
BSD 2-Clause "Simplified" License
3.05k stars 482 forks source link

No shell ? #59

Closed SmailDH closed 1 year ago

SmailDH commented 1 year ago

Hi Team, Could anyone advise why i am receiving the connection back when try with netcat but nothing happening when i start the listener ? image

t3l3machus commented 1 year ago

@SmailDH it looks like the cmd payload you used with cme is using https, but the hoaxshell server was not started with -c and -p, used to provide certificate and private key files to start the listener via https. Maybe if you change protocol=https to protocol=http in the payload, it will actually work.

Another suggestion is to use Villain, which has the hoaxshell listener built-in and can also generate payloads (like the cmd-curl you are using) quickly, among other things.

hope it helps!

SmailDH commented 1 year ago

Thank you @t3l3machus , Yes it did work with "http" but doesn't look it handle the display very well, i will try to use the Villain as suggested :) , possibly python stuff

image

t3l3machus commented 1 year ago

@SmailDH please let me know if you had the same issue with villain.

SmailDH commented 1 year ago

@SmailDH please let me know if you had the same issue with villain.

I will do , thank you!