View Issue Details

IDProjectCategoryView StatusLast Update
0005305Kali LinuxNew Tool Requestspublic2019-10-28 13:42
Reportersplinter_code Assigned To 
PrioritynormalSeverityminorReproducibilityN/A
Status closedResolutionwon't fix 
Summary0005305: SharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications
Description
  • [Name] - SharPyShell
  • [Version] - v1.0
  • [Homepage] - https://github.com/antonioCoco/SharPyShell
  • [Download] - git clone https://github.com/antonioCoco/SharPyShell.git
  • [Author] - Antonio Cocomazzi (@splinter_code)
  • [Licence] - GNU General Public License v3.0 ~ https://github.com/antonioCoco/SharPyShell/blob/master/LICENSE
  • [Description] - SharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications
    SharPyShell is a post-exploitation framework written in Python that are capable of:

    • Generate obfuscated webshell (generate);
    • Simulate a windows terminal as an interaction for the webshell (interact).

The main aim of this framework is providing the penetration tester a series of tools to ease the post exploitation phase once an exploitation has been succesfull against an IIS webserver.

  • [Dependencies] - python2.7 + prettytable + Crypto + requests ~ https://github.com/antonioCoco/SharPyShell/blob/master/requirements.txt
  • [Similar tools] - weevely
  • [Activity] - Mar 10, 2019 - Current
  • [How to install] - git clone https://github.com/antonioCoco/SharPyShell.git && cd SharPyShell && pip install -r requirements.txt
  • [How to use] -
    ./SharPyShell.py generate -p 'somepassword' ./SharPyShell.py interact -u 'http://target.url/sharpyshell.aspx' -p 'somepassword'

Activities

splinter_code

splinter_code

2019-03-29 11:12

reporter   ~0010450

SharPyShell v1.1.14 released:

Changelog --> https://github.com/antonioCoco/SharPyShell/releases
new requirements --> https://github.com/antonioCoco/SharPyShell/blob/master/requirements.txt

g0tmi1k

g0tmi1k

2019-10-28 13:42

administrator   ~0011247

This tool looks good, however, the lack of commits is a little worrying (8 months ago)
If dev picks up again, then we should add it in

Issue History

Date Modified Username Field Change
2019-03-11 12:21 splinter_code New Issue
2019-03-29 11:12 splinter_code Note Added: 0010450
2019-10-28 13:42 g0tmi1k Note Added: 0011247
2019-10-28 13:42 g0tmi1k Status new => closed
2019-10-28 13:42 g0tmi1k Resolution open => won't fix