- Joined
- Jan 8, 2019
- Messages
- 56,605
- Solutions
- 2
- Reputation
- 32
- Reaction score
- 100,451
- Points
- 2,313
- Credits
- 32,570
6 Years of Service
76%
LAZYPARIAH is a simple and easily installable command-line tool written in pure Ruby that can be used during penetration tests and capture-the-flag (CTF) competitions to generate a range of reverse shell payloads on the fly.
The reverse shell payloads that LAZYPARIAH supports include (but are not limited to):
C binary payloads (compiled on the fly): c_binary
Ruby payloads: ruby, ruby_b64, ruby_hex, ruby_c
Powershell payloads: powershell_c, powershell_b64
Base64-encoded Python payloads: python_b64
Rust binary payloads (compiled on the fly): rust_binary
PHP scripts containing base64-encoded Python payloads called via the system() function: php_system_python_b64
Java classes (compiled on the fly): java_class
Perl payloads: perl, perl_b64, perl_hex, perl_c
Simple PHP payloads (targeting specific file descriptors): php_fd, php_fd_c, php_fd_tags
Dependencies
Ruby >= 2.7.1 (LAZYPARIAH has not been tested on previous versions of Ruby)
OpenJDK (Optional: Only required for java_class payloads.)
GCC (Optional: Only required for c_binary payloads.)
Rust (Optional: Only required for rust_binary payloads.)