Skip to content
/ nowebshell Public

a simple bind shell that hijacks TCP connections instead of listening.

tishina.in/ops/pidfd-getfd-shell
5 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

zimnyaa/nowebshell

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
client
client
 
 
pkg/fdclose
pkg/fdclose
 
 
server
server
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
makefile
makefile
 
 

Repository files navigation

nowebshell

explained at tishina.in/ops/pidfd-getfd-shell

The PoC is a simple bind shell with SOCKS5 capabilities 
that hijacks incoming connections to TCP services instead 
of listening on its own. It does this by scanning the `/proc` 
filesystem for connections from whitelisted IPs and using the 
`pidfd_getfd` Linux syscall to duplicate the file descriptor 
for the connection.

About

a simple bind shell that hijacks TCP connections instead of listening.

tishina.in/ops/pidfd-getfd-shell

Resources

Readme
Activity

Stars

5 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages