EzpzShell = "Easy Peasy Shell"
👉 EzpzShell GitHub: https://github.com/H0j3n/EzpzShell
WHAT IS EzpzShell?
EzpzShell is a Python script that helps to streamline the revshell payload and listener creation process for ethical hackers, pentesters, and CTF gamers.
There are many file types available, and it outputs several different payload options to choose from, letting you pick the most efficient option for your specific use case.
Today I’ll guide you through the installation and setup of
EzpzShell.py on Kali Linux in a virtual hacking lab setup.
👉 Recommended: How I Set Up My Virtual Hacking Laboratory for Safe and Legal Penetration Testing
We’ll need to temporarily switch the internet setting on our attack machine (Kali) to “bridged adapter”. This will create an IP for our virtual machine as if it was a physical machine on our own network.
After switching the setting, we boot up Kali and grab the Git repo for
Now that we have installed
EzpzShell.py on our Kali VM, let’s shut it down and switch the network setting back to “host-only adapter”.
This will switch the internet off again and put the attack box back into the hacking lab network.
CREATE A BASH ALIAS
To simplify the command (
python3 ~/EzpzShell.py) into a one-word command we can add the following line to a new file
Next, let’s run the following command to make the bash alias permanent.
Now we can easily run
EzPzShell.py from any directory on Kali with the command:
EXAMPLE OF A REVERSHELL EZPZSHELL ON OUR VIRTUAL HACKINGLAB
We’ll run the command “
ezpz 192.168.60.4 8888 py” to see a list of reverse shell payloads.
This is quicker than poking around the web for the right kind of shell, and it is also super handy that the listener is automatically started up and set to receive the revshell.
Let’s use the first payload, the python script:
After copying and pasting this into a new
shell.py file on the target machine, we can trigger the revshell by running the program on our target machine:
And we catch it with EzPzShell immediately on our Kali attack machine!
As you can see, EzPzShell is a versatile Python script for reverse shell payload creation and listener spawning.
It seamlessly sets up our listener to catch the revshell using the file type of our choice from a long list of options. I’ll be adding EzPzShell to my regular pen-testing toolkit and am confident that it will save me lots of time down the road in various CTF challenges and pentesting scenarios.
Lookout for EzpzShell in future hacking tutorial videos.
👉 Recommended: [TryHackMe] Skynet Walkthrough Using Remote File Inclusion
I am a freelance ethical hacker/penetration tester. I have extensive experience in penetration testing and vulnerability assessments on web apps and servers. I am also fluent in Mandarin and have 15 years of experience as an edTech integration specialist, curriculum designer, and foreign language teacher. Here’s my personal website.