Reverse Shell Cheat Sheet Logo

Reverse Shell Cheat Sheet

0
Free
Visit Website

If you're lucky enough to find a command execution vulnerability during a penetration test, pretty soon afterwards you'll probably want an interactive shell. If it's not possible to add a new account / SSH key / .rhosts file and just log in, your next step is likely to be either throwing back a reverse shell or binding a shell to a TCP port. This page deals with the former. Your options for creating a reverse shell are limited by the scripting languages installed on the target system – though you could probably upload a binary program too if you're suitably well prepared. The examples shown are tailored to Unix-like systems. Some of the examples below should also work on Windows if you use substitute "/bin/sh -i" with "cmd.exe". Each of the methods below is aimed to be a one-liner that you can copy/paste. As such they're quite short lines, but not very readable.

FEATURES

ALTERNATIVES

A tool for automated security scanning of web applications and manual penetration testing.

Full-featured C2 framework for stealthy communication and control on web servers.

Boofuzz is a network protocol fuzzing tool that aims to fuzz everything

Redboto is a collection of scripts for red team operations against the AWS API.

A simple file format fuzzer for Android that can fuzz multiple readers at once

A C2 front flow control tool designed to evade detection by Blue Teams, AVs, and EDRs.

A managed code hooking template for .NET assemblies, enabling API hooking, code injection, and runtime manipulation.

MiniCPS is a framework for Cyber-Physical Systems real-time simulation with support for physical process and control devices simulation, and network emulation.