A standalone shell with remote access through the browser

Go to file

Stefan Etringer bc09faf7cb added readme for download and upload through the gontrol server		2025-10-06 10:35:11 +00:00
src/agentconnector	cleanup	2025-07-02 10:59:26 +00:00
static	added support for download and upload through the gontrol server	2025-07-09 14:43:28 +00:00
templates	added support for interactive terminal session via proxy agent	2025-06-27 13:05:18 +00:00
.gitignore	separated templates and made the binary standalone, which means there are no external files needed for the template after compilation	2025-02-05 11:59:26 +00:00
LICENSE	Initial commit	2025-01-28 09:01:15 +01:00
Makefile	cleanup	2025-07-02 10:59:26 +00:00
README.md	added readme	2025-10-06 10:35:11 +00:00
go.mod	added interactive-mode	2025-02-11 14:11:22 +00:00
go.sum	added interactive-mode	2025-02-11 14:11:22 +00:00
main.go	added support for download and upload through the gontrol server	2025-07-09 14:43:28 +00:00

README.md

gommand

A standalone shell including remote access through your browser.

The shell has multiple features:

Fully interactive shell in your browser
Upload and download through to the browser
Bash/emacs like controls
Persistent color themes
Resize rows and columns in interactive and non interactive shell by resizing the browser window
Connect to a control server like gontrol

Execute gommand

Just start the binary, the TCP the shell is running on port will be chosen randomly. If not sufficient, the port to connect directly to the shell can be chosen via -interactive-port followed by your preferred TCP port. Furthermore, you can chose the network interface gommand is using.

To connect gommand as an agent to a gontrol C2 server, you can setup the IP address and port. By default VPN interfaces like IPSec and wireguard will be prioritized higher by gommand. That means if the network interface has not been chosen manually, The first VPN interfaces will be used.

$ gommand --help

Usage of gommand:
  -interactive-port string
        Port to connect directly to the agent's webapp. Port will be random if not set.
  -network-interface string
        Network interface to bind to. Will bind to the first non loopback interface if not set. VPN interfaces will be preferred.
  -server-address string
        IP Address of the C2 server. (default "127.0.0.1")
  -server-port string
        Websocket port of the C2 server. (default "5555")

Usage

Once the binary of the shell has been executed on the target you can open the shell via browser connection. The TCP port will be chosen randomly if not set as a parameter at startup.

Connect to the shell by putting IP address and port into the address input bar of your browser.

Once you have opened the shell in your browser use it like any other command line interface. You are greeted by the non interactive shell mode. This includes uploading, downloading and setting the color theme of the shell. You can switch to a completely interactive shell from here.

Type help inside the shell to get more information:

$ help

This is a shell in the browser, a web shell.

It includes a non-interactive shell with an optional interactive mode.
Furthermore, additional commands to ease communications between server
and client.

  Available Commands:
    upload            Upload files to the server through the file selector of the browser.
    download <file>   Download files from the server to your local download directory.
    theme <theme>     Change the colorscheme of the shell. Type theme to get an overview of all colorschemes.
    start-interactive Opens a shell in an interactive terminal. Type ctrl+d to go back to non-interactive mode.

Interactive Mode

Use the command start-interactive to switch to an interactive shell. Once activated you can use binaries and shell-builtins which need interaction. For example less, vim, your favorite package manager or initial connection to a server using ssh.