Reverse Shell Cheat Sheet Logo

Reverse Shell Cheat Sheet

0
Free
Visit Website

If you're lucky enough to find a command execution vulnerability during a penetration test, pretty soon afterwards you'll probably want an interactive shell. If it's not possible to add a new account / SSH key / .rhosts file and just log in, your next step is likely to be either throwing back a reverse shell or binding a shell to a TCP port. This page deals with the former. Your options for creating a reverse shell are limited by the scripting languages installed on the target system – though you could probably upload a binary program too if you're suitably well prepared. The examples shown are tailored to Unix-like systems. Some of the examples below should also work on Windows if you use substitute "/bin/sh -i" with "cmd.exe". Each of the methods below is aimed to be a one-liner that you can copy/paste. As such they're quite short lines, but not very readable.

FEATURES

ALTERNATIVES

A toolkit to attack Office365, including tools for password spraying, password cracking, token manipulation, and exploiting vulnerabilities in Office365 APIs and services.

Phrack Magazine is a digital magazine that focuses on computer security and hacking, featuring articles, interviews, and tutorials on various topics related to computer security.

Open-source Java application for creating proxies for traffic analysis & modification.

A powerful penetration testing platform for identifying vulnerabilities and weaknesses in computer systems.

Full-featured C2 framework for stealthy communication and control on web servers.

Modular framework for pentesting Modbus protocol with diagnostic and offensive features.

A collection of scripts for Turbo Intruder, a penetration testing tool

A full-featured reconnaissance framework for web-based reconnaissance with a modular design.

PINNED