Skip to content

Reverse TCP Listener for Built Agents

This listener creates a TCP connection channel between the agent (client) and the C2 server. The agent connects to the C2 listener by using one or more specified hosts and port. All data is transmitted immediately without sleep or bandwidth limits.

Plugin ID: shelldot.listener.agent-reverse-tcp

Configuration

The table below lists the required configuration parameters:

Attribute Description
hosts An array of IP addresses or hostnames the agent will use to connect to C2.
port The TCP port on which the C2 server listens for connection.
handshakeBytes Random bytes used for the initial handshake between the C2 and the agent.
startTime (Optional) The start time if the listener should delay its start (ISO format).

Example (POST Request)

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
POST /api/v1/listeners HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
Content-Type: application/json

{
  "plugin": "shelldot.listener.agent-reverse-tcp",
  "name": "my-tcp-reverse-listener",
  "configuration": {
    "hosts": [
      "192.168.32.135"
    ],
    "port": 5555,
    "handshakeBytes": "QUFBQQ==",
    "startTime": "2023-04-10T11:02:09Z"
  }
}