80 lines
3.0 KiB
Markdown
80 lines
3.0 KiB
Markdown
# gommand
|
|
|
|
A standalone shell including remote access through your browser.
|
|
|
|
The shell has multiple features:
|
|
|
|
* Fully interactive shell in your browser
|
|
* Upload and download through to the browser
|
|
* Bash/emacs like controls
|
|
* Persistent color themes
|
|
* Resize rows and columns in interactive and non interactive shell by resizing
|
|
the browser window
|
|
* Connect to a control server like [gontrol](https://git.stefan.works/whx/gontrol)
|
|
|
|
## Execute gommand
|
|
|
|
Just start the binary, the TCP the shell is running on port will be chosen randomly.
|
|
If not sufficient, the port to connect directly to the shell can be chosen via
|
|
`-interactive-port` followed by your preferred TCP port. Furthermore, you can
|
|
chose the network interface `gommand` is using.
|
|
|
|
To connect `gommand` as an agent to a
|
|
[gontrol](https://git.stefan.works/whx/gontrol) C2 server, you can setup the IP
|
|
address and port. By default VPN interfaces like IPSec and wireguard will be
|
|
prioritized higher by `gommand`. That means if the network interface has not
|
|
been chosen manually, The first VPN interfaces will be used.
|
|
|
|
```sh
|
|
$ gommand --help
|
|
|
|
Usage of gommand:
|
|
-interactive-port string
|
|
Port to connect directly to the agent's webapp. Port will be random if not set.
|
|
-network-interface string
|
|
Network interface to bind to. Will bind to the first non loopback interface if not set. VPN interfaces will be preferred.
|
|
-server-address string
|
|
IP Address of the C2 server. (default "127.0.0.1")
|
|
-server-port string
|
|
Websocket port of the C2 server. (default "5555")
|
|
```
|
|
|
|
## Usage
|
|
|
|
Once the binary of the shell has been executed on the target you can open the
|
|
shell via browser connection. The TCP port will be chosen randomly if not set
|
|
as a parameter at startup.
|
|
|
|
Connect to the shell by putting IP address and port into the address input bar
|
|
of your browser.
|
|
|
|
Once you have opened the shell in your browser use it like any other command
|
|
line interface. You are greeted by the non interactive shell mode. This
|
|
includes uploading, downloading and setting the color theme of the shell. You
|
|
can switch to a completely interactive shell from here.
|
|
|
|
Type help inside the shell to get more information:
|
|
|
|
```sh
|
|
$ help
|
|
|
|
This is a shell in the browser, a web shell.
|
|
|
|
It includes a non-interactive shell with an optional interactive mode.
|
|
Furthermore, additional commands to ease communications between server
|
|
and client.
|
|
|
|
Available Commands:
|
|
upload Upload files to the server through the file selector of the browser.
|
|
download <file> Download files from the server to your local download directory.
|
|
theme <theme> Change the colorscheme of the shell. Type theme to get an overview of all colorschemes.
|
|
start-interactive Opens a shell in an interactive terminal. Type ctrl+d to go back to non-interactive mode.
|
|
```
|
|
|
|
### Interactive Mode
|
|
|
|
Use the command `start-interactive` to switch to an interactive shell. Once
|
|
activated you can use binaries and shell-builtins which need interaction. For
|
|
example `less`, `vim`, your favorite package manager or initial connection to a
|
|
server using `ssh`.
|