A simple and lightweight server that allows clients to connect and launch a shell remotely through a browser.

Related tags

Networkingnodejsjavascriptpythonconsoleexpressjsremote-shellremote-accessxtermjspython-cryptography
Overview

carrotsh

A simple and lightweight server that allows clients to connect and launch a shell remotely through a browser. Uses xterm.js for the frontend and express for the backend.


Requirements

  • node.js
  • npm
  • python
  • python-cryptography

Installation

# Clone the repository
git clone https://github.com/AnnikaV9/carrotsh.git
 
# Change the working directory
cd carrotsh

# Install the dependencies
npm install

# Start the server
node index.js

Configuration

config.json should be used as the config file.

Available options:

  • port: The port the server should listen on.
  • shell: Path to the shell executable.
  • shell_timeout: The max age (ms) of the spawned shell session.
  • python_path: Path to your python interpreter.
  • salt: The password hashing salt.

Setting a password:

npm install will run setpass.py initially, but you will have to run it again if you change the password salt:

python3 setpass.py



Note: Before using carrotsh in production, it is highly recommended to enable TLS support:

Owner
V9
V9
GitHub Repository
A simple tcpdump sidecar injector to demonstrate Kubernetes's Mutating Webhook

k8s-tcpdump-webhook A simple tcpdump sidecar injector to demonstrate Kubernetes's Mutating Webhook Build and Deploy Build docker image; docker build -

Bilal Ünal 2 Sep 01, 2022
This script aims to make the dynamic public ip of your local server, public.

EZ DDNS CLOUDFLARE This script aims to make the dynamic ip of your local server, public. It does this by regularly updating cloudflare's dns record. B

3 Feb 13, 2022
Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries

TriOp Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries For furt

Jan Kopriva 27 Nov 03, 2022
A simple tool to get information about IP

IP Info Tool Just a simple tool to get IP's information, it uses requests module to gather information about IP, if you dont have much knowledge about

0 Dec 01, 2021
Python Scripts for Cisco Identity Services Engine (ISE)

A set of Python scripts to configure a freshly installed Cisco Identity Services Engine (ISE) for simple operation; in my case, a basic Cisco Software-Defined Access environment.

Roddie Hasan 9 Jul 19, 2022
netpy - more than implementation of netcat 🐍πŸ”₯

netpy - more than implementation of netcat 🐍πŸ”₯

Mahmoud S. ElGammal 1 Jan 26, 2022
CSP-style concurrency for Python

aiochan Aiochan is a library written to bring the wonderful idiom of CSP-style concurrency to python. The implementation is based on the battle-tested

Ziyang Hu 127 Dec 23, 2022
πŸ‘¨πŸΌβ€πŸ’» β€Žβ€Žβ€Žβ€β€ A customizable man-in-the-middle TCP proxy with out-of-the-box support for HTTP & HTTPS.

πŸ‘¨β€πŸ’» mitm A customizable man-in-the-middle TCP proxy with out-of-the-box support for HTTP & HTTPS. Installing pip install mitm Note that OpenSSL 1.1

Felipe 92 Jan 05, 2023
An advanced real time threat intelligence framework to identify threats and malicious web traffic on the basis of IP reputation and historical data.

ARTIF is a new advanced real time threat intelligence framework built that adds another abstraction layer on the top of MISP to identify threats and malicious web traffic on the basis of IP reputatio

CRED 225 Dec 31, 2022
EV: IDS Evasion via Packet Manipulation

EV: IDS Evasion via TCP/IP Packet Manipulation δΈ­ζ–‡ζ–‡ζ‘£ Introduction EV is a tool that allows you crafting TCP packets and leveraging some well-known TCP/

256 Dec 08, 2022
A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

πŸ“‘ WebMap A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation

Iliass Alami Qammouri 274 Jan 01, 2023
Juniper SNMP Migrations For Python

Juniper SNMP Migrations This example will show how to use the PyEZ plugin for Nornir to build a NETCONF connection to a remote device validate that SN

Calvin Remsburg 1 Jan 07, 2022
Module for convenient work with TCP sockets.

m_socket-py Module for convenient work with TCP sockets. Contributing Pool Request is supported! Ask questions in the Issues section. License Copyrigh

Egor Arskiy 5 Mar 09, 2022
Automatically block traffic on Cloudflare's side based on Nginx Log parsing.

AutoRL This is a PoC of automatically block traffic on Cloudflare's side based on Nginx Log parsing. It will evaluate Nginx access.log and find potent

Nova Kwok 62 Dec 28, 2022
Easy to use gRPC-web client in python

pyease-grpc Easy to use gRPC-web client in python Tutorial This package provides a requests like interface to make calls to gRPC-Web servers.

Sudipto Chandra 4 Dec 03, 2022
ip2domain - get ip to domain, Know the domian corresponding to the local network connection IP

What is Sometimes, we need to know what connections our local machine has, and what are their IP, domain name, program and parameters? get ip to domai

51pwn 4 Sep 30, 2022
Library containing the core modules for the kingdom-python-server.

🏰 Kingdom Core Library containing the core modules for the kingdom-python-server. Installation Use the package manager pip to install kingdom-core. p

T10 4 Dec 27, 2021
A library for interacting with APNs and VoIP using HTTP/2.

kalyke A library for interacting with APNs and VoIP using HTTP/2. Installation kalyke requires python 3.6 or later. $ pip install kalyke-apns Usage AP

Yuya Oka 11 Dec 08, 2022
Python script to stop qBittorrent from torrenting without VPN for users with static IP.

Python script to stop qBittorrent from torrenting without VPN for users with static IP.

voidoak_ 1 Oct 25, 2021
It can be used both locally and remotely (indicating IP and port)

It can be used both locally and remotely (indicating IP and port). It automatically finds the offset to the Instruction Pointer stored in the stack.

DiegoAltF4 13 Dec 29, 2022