v0.0.1

First version. Armv7l compiled version (e.g. Raspbian on RPi 3) is attached for convenience. You need to provide your own certificates:

• For the client you need a trusted root CA certificate.
• For the server you need a server certificate concatenated with all CA levels up to (but not including) the root, and a private key for the server certificate (i.e. the first certificate in the bundle).

To start the server (let's say on host updatesupport.example.com):

./ReverseShellServer --port 433 --cert cert_bundle.cert.pem --key privatekey.key.pem

Then to connect from a client:

./ReverseShellClient --verify root_ca.cert.pem wss://updatesupport.example.com:433

Once the client has connected the server will have an interactive shell on the client. If more connections come in they will be queued up until the server closes the active connection.

To Do:

• Add the ability to arbitrarily switch between connections on the server
• Add the ability to specify a script file to execute when a client connects (interactive shell is not very scalable)
• Add the ability to sign arbitrary files to download and run, effectively creating signed update bundles