Python Exec, Command Shell, Reverse TCP SSL (via python) - Metasploit


This page contains detailed information about how to use the payload/cmd/unix/python/shell_reverse_tcp_ssl metasploit module. For list of all metasploit modules, visit the Metasploit Module Library.

Table Of Contents
hide

Module Overview

Name: Python Exec, Command Shell, Reverse TCP SSL (via python)
Module: payload/cmd/unix/python/shell_reverse_tcp_ssl
Source code: modules/payloads/adapters/cmd/unix/python.rb
Disclosure date: -
Last modification time: 2022-02-24 09:04:51 +0000
Supported architecture(s): cmd
Supported platform(s): Unix
Target service / protocol: -
Target network port(s): -
List of CVEs: -

Execute a Python payload from a command. Creates an interactive shell via Python, uses SSL, encodes with base64 by design. Compatible with Python 2.6-2.7 and 3.4+.

Module Ranking and Traits

Module Ranking:

  • normal: The exploit is otherwise reliable, but depends on a specific version and can't (or doesn't) reliably autodetect. More information about ranking can be found here.

Basic Usage

msf > use payload/cmd/unix/python/shell_reverse_tcp_ssl
msf payload(shell_reverse_tcp_ssl) > show options
    ... show and set options ...
msf payload(shell_reverse_tcp_ssl) > generate

To learn how to generate payload/cmd/unix/python/shell_reverse_tcp_ssl with msfvenom, please read this.

Required Options

  • LHOST: The listen address (an interface may be specified)

Go back to menu.

Msfconsole Usage

Here is how the cmd/unix/python/shell_reverse_tcp_ssl payload module looks in the msfconsole:

msf6 > use payload/cmd/unix/python/shell_reverse_tcp_ssl

msf6 payload(cmd/unix/python/shell_reverse_tcp_ssl) > show info

       Name: Python Exec, Command Shell, Reverse TCP SSL (via python)
     Module: payload/cmd/unix/python/shell_reverse_tcp_ssl
   Platform: Unix
       Arch: cmd
Needs Admin: No
 Total size: 575
       Rank: Normal

Provided by:
  Spencer McIntyre
  RageLtMan <rageltman@sempervictus>

Basic options:
Name   Current Setting  Required  Description
----   ---------------  --------  -----------
LHOST                   yes       The listen address (an interface may be specified)
LPORT  4444             yes       The listen port

Description:
  Execute a Python payload from a command. Creates an interactive 
  shell via Python, uses SSL, encodes with base64 by design. 
  Compatible with Python 2.6-2.7 and 3.4+.

Module Options

This is a complete list of options available in the cmd/unix/python/shell_reverse_tcp_ssl payload:

msf6 payload(cmd/unix/python/shell_reverse_tcp_ssl) > show options

Module options (payload/cmd/unix/python/shell_reverse_tcp_ssl):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   LHOST                   yes       The listen address (an interface may be specified)
   LPORT  4444             yes       The listen port

Advanced Options

Here is a complete list of advanced options supported by the cmd/unix/python/shell_reverse_tcp_ssl payload:

msf6 payload(cmd/unix/python/shell_reverse_tcp_ssl) > show advanced

Module advanced options (payload/cmd/unix/python/shell_reverse_tcp_ssl):

   Name                        Current Setting  Required  Description
   ----                        ---------------  --------  -----------
   AutoRunScript                                no        A script to run automatically on session creation.
   AutoVerifySession           true             yes       Automatically verify and drop invalid sessions
   CommandShellCleanupCommand                   no        A command to run before the session is closed
   CreateSession               true             no        Create a new session for every successful login
   HandlerSSLCert                               no        Path to a SSL certificate in unified PEM format
   InitialAutoRunScript                         no        An initial script to run on session creation (before AutoRunScript)
   ReverseAllowProxy           false            yes       Allow reverse tcp even with Proxies specified. Connect back will NOT go through proxy but directly to LHOST
   ReverseListenerBindAddress                   no        The specific IP address to bind to on the local system
   ReverseListenerBindPort                      no        The port to bind to on the local system if different from LPORT
   ReverseListenerComm                          no        The specific communication channel to use for this listener
   ReverseListenerThreaded     false            yes       Handle every connection in a new thread (experimental)
   SSLVersion                  Auto             yes       Specify the version of SSL/TLS to be used (Auto, TLS and SSL23 are auto-negotiate) (Accepted: Auto, TLS, SSL23, SSL3, TLS1, TLS1.1, TLS1.2)
   StagerRetryCount            10               no        The number of times the stager should retry if the first connect fails
   StagerRetryWait             5                no        Number of seconds to wait for the stager between reconnect attempts
   VERBOSE                     false            no        Enable detailed status messages
   WORKSPACE                                    no        Specify the workspace for this module

Go back to menu.

Go back to menu.

See Also

Check also the following modules related to this module:

Authors

  • Spencer McIntyre
  • RageLtMan <rageltman[at]sempervictus>

Version

This page has been produced using Metasploit Framework version 6.1.36-dev. For more modules, visit the Metasploit Module Library.

Go back to menu.