During penetration testing if you’re lucky enough to find a remote command execution vulnerability, you’ll more often than not want to connect back to your attacking machine to leverage an interactive shell.
Below are a collection of reverse shells that use commonly installed programming languages, or commonly installed binaries (nc, telnet, bash, etc). At the bottom of the post are a collection of uploadable reverse shells, present in Kali Linux.
Setup Listening Netcat
Your remote shell will need a listening netcat instance in order to connect back.
Set your Netcat listening shell on an allowed port
Use a port that is likely allowed via outbound firewall rules on the target network, e.g. 80 / 443
To setup a listening netcat instance, enter the following:
NAT requires a port forward
If you’re attacking machine is behing a NAT router, you’ll need to setup a port forward to the attacking machines IP / Port.
ATTACKING-IP is the machine running your listening netcat session, port 80 is used in all examples below (for reasons mentioned above).
Bash Reverse Shells
PHP Reverse Shell
Netcat Reverse Shell
Telnet Reverse Shell
Remember to listen on 443 on the attacking machine also.
Perl Reverse Shell
Perl Windows Reverse Shell
Ruby Reverse Shell
Java Reverse Shell
Python Reverse Shell
Gawk Reverse Shell
Kali Web Shells
The following shells exist within Kali Linux, under
/usr/share/webshells/ these are only useful if you are able to upload, inject or transfer the shell to the machine.
Kali PHP Web Shells
||Pen Test Monkey – PHP Reverse Shell|
||Pen Test Monkey, Findsock Shell. Build
||PHP backdoor, usefull for CMD execution if upload / code injection is possible, usage:
||Larger PHP shell, with a text input box for command execution.|
Tip: Executing Reverse Shells
The last two shells above are not reverse shells, however they can be useful for executing a reverse shell.
Kali Perl Reverse Shell
||Pen Test Monkey – Perl Reverse Shell|
||Pen Test Monkey, Perl Shell. Usage:
Kali Cold Fusion Shell
||Cold Fusion Shell – aka CFM Shell|
Kali ASP Shell
||Kali ASP Shells|
Kali ASPX Shells
||Kali ASPX Shells|
Kali JSP Reverse Shell
||Kali JSP Reverse Shell|
You might want to read :