Persistent reverse shell and connection manager. Originally designed for Linux but has cross platform support. Functionally a lightweight C2. The main idea is for a simple and modular C2 where all components can be hosted on a single server or have database, listener, builder, and interface all on seperate servers with any combination.
UPLINK will work on Windows or Linux
This is probably the best approach for now.
Pocketbase is used on the backend (didn't feel like writing backend code) but will probably be switched for sqlite in the future.
- Install pocketbase on your system
- Place the prebuilt binary in the
pb
directory
- Place the prebuilt binary in the
- Start Pocketbase with
pocketbase serve
- You will need to manually import the collection using
pb_schema.json
from the web interface for now
- go run
UPLINK/server/uplink.go
- Navigate to
\uplink-fe
and runnpm install
(first run only) and thennpm run dev
- Navigate to
UPLINK\builder
and start the Builder APIpython app.py
Main client is currently a lightweight python client. It's essentially a python reverse shell with some added features for client management and reconnection. Client will attempt to connect to the server if it fails it will sleep for some time and attempt reconnection. If the connection succeeds it sends a randomly generated client id
to the server and starts a thread that sends a reverse shell to the socket connection.
Python - Generic multipurpose reverse shell Native Executable (C) (Work in progress)
The server is a small go program that can multiplex connections from clients. It can accept connections from the python script or other valid reverse shells (untested). Clients get upserted into the database backend and can be managed through the CLI or using the API.
GET /status/
- Returns a JSON array of Client IDs present in activeClients
slice
POST /command/:id
- Sends a command to client based on ID and returns the result
Nuxt.js application for managing client connections. Intended to be used rather than the CLI. Future versions will include more robust client management features and payload builder/distribution support.
Separate API for building and serving payloads. Right now only Python implant is functional. It will generate a payload with a random ID and host the payload at {BUILDER_IP}:{BUILDER_PORT}/dl/{payload}
.
PocketBase is used for backend and database management. Please read their documentation for more information.
- Go
- Node.js
- PocketBase
- Python Flask
- Windows Client (C)
- Linux Client (C)
- Netcat Client
- [ x ] Add builder to WebUI [In progress]
- Support different client types
- Allow hostname
- Submit to payloads table
- Remove hardcoded values (Configuration) [In progress]
- Installation script