Johnermac
  • About me
  • Active Directory
    • PowerShell
      • Customize
      • Notes
      • ETW
      • AMSI Bypass
      • Obfuscation
    • Enumeration
      • Domain
      • GPO
      • ACL
      • Domain Trusts
      • Forest
      • Extra
      • BloodHound
      • BloodHound CE
  • Tunneling
    • Tools
      • Udp2Raw
      • Fraud Bridge
      • Chisel
      • SSF
      • Egress-Assess
      • Ligolo-ng
      • Sshutle
      • Rpivot
      • Tunna
      • reGeorg
      • Neo-reGeorg
      • PivotSuite
  • Post-Exploitation
    • Data Exfiltration
      • HTTP
        • Cancel
        • wget
        • bash
        • busybox
        • IRB
        • PHP
        • Ruby
      • ICMP
        • XXD
        • Ruby
        • Python
      • UDP
        • Netcat
      • TCP
        • Netcat
        • KSH
        • whois
        • Finger
      • HTTPS
        • Python
        • OpenSSL
  • BLOG
    • Articles
      • Pivoting for Red Teaming
Powered by GitBook
On this page
  • Updates
  • Usage
  • Exfiltrate Files
  • Notes
  1. Tunneling
  2. Tools

Neo-reGeorg

Neo-reGeorg is a project that seeks to aggressively refactor reGeorg

PreviousreGeorgNextPivotSuite

Last updated 1 year ago

Source: https://github.com/L-codes/Neo-reGeorg

Updates

  • supports Python3

  • we can generate password protected webshells:

    python3 neoreg.py generate -k password

  • and then open the connection with that password

    python3 neoreg.py -k password -u <target-ip>/tunnel.xxx

  • We can open a server using Golang

    go run neoreg_servers/tunnel.go 8000

Usage

Make sure your /etc/proxychains.conf have the line:

  • socks5 127.0.0.1 1080

Exfiltrate Files

Notes

  • web shell using go is way more reliable

  • it supports python3 - great

  • and some other new cool functionalities like camouflage page, redirect url (works only w/ .jsp), extract BODY content manually with --extract EXPR

  • bref - it's an improved reGeorg

Generate password protected web shells
Using go as webserver
Connecting to the web shell
Use proxychains to access content through the tunnel
wireshark results
Set netcat to send files
Grab files through the tunnel
Wireshark Results