AliumTerm: Reverse Shells over Tor, Part 2. The PTY.

In this post, we will upgrade our listener to give us a PTY, and write a simple enough python implant to send us back our shells. We will also discuss the problem of adding dependencies to our script, and I'll show the absolutely hideous solution I came up with. A reasonably short entry, as spawning …

Reverse SSL Shells with stunnel.

Just a quick post, something I came across today, and after a bit of experimenting, got working. In this post I'll show you a neat "living off the land" trick, using the "stunnel" utility as a "backdoor" of sorts, delivering you a reverse shell over SSL to a socat listener. Even better - you can …

Basic Programming: File Uploads using Python-Requests

So uploading files is something I figured I should cover first, before discussing the "streaming files" stuff later. In the requests library, there is a pretty simple way to manage uploading files. I'll cover some examples here, which are probably the ways I end up doing it most often. In all of these examples, we …

AliumTerm: Reverse Shells over Tor, Part 1. Basics.

Before I begin, this project (which will unfold over a few blog posts) probably has no real application to "authorized intrusion activities" (red teaming, penetration testing, etc), and its release has largely been motivated by a desire to show how various problems were identified and overcome along the way. Kind of a "showing the work". …