Friday, October 4, 2013

RubyCat - A Pure Ruby NetCat Alternative

It's been a while and one of the last things I posted was about me off having fun with learning Ruby, so I thought I might share one of the more useful pieces of code I was able to come up with. I mashed up my reverse shell, my bind shell, and simple sockets connector and listener and came up with a simple to use script to simulate most of the basic or common tasks one might use Netcat for. As you know Netcat is often limited, flagged, or compiled without the -e GAPING_SECURITY_HOLE enabled which can make life hard on us as testers. This is one more thing you can add to the old bag of tricks to wiggle out of such situations if Ruby is available to you. It uses all standard libs so should work on any system with relatively recent ruby version installed, although I honestly have not widely tested it out yet so perhaps you can share your feedback with me to help improve a little. Some quick examples to highlight basic usage....

Open a listener on local machine using port 31337 and catch a reverse shell from somewhere:
COMMAND: ./rubycat.rb -l -p 31337

Connect to a Bind Shell you have waiting somewhere else:
COMMAND:  ./rubycat.rb -c -i -p 5151

Launch a Bind Command Shell on localhost on port 31337 with password (default password is 'knock-knock'):
COMMAND: ./rubycat.rb -b -p 31337 -P s3cr3tp@ss

NOTE: If you enter the wrong pass, it will print funny message then go silent. You have to re-connect to try and login again.

Launch a Command Reverse Shell to provided IP and Port:
COMMAND: ./rubycat.rb -r -i -p 31337

The 328 lines of Ruby which make it all possible: LINK

Hope this is useful to someone out there....

Until next time, Enjoy!

No comments:

Post a Comment