A reverse shell is a payload, typically expressed as shellcode, that connects to a listener hosted on a machine controlled by the attacker. Conversely, with bind shells, the listener is established on the victim host, requiring the attacker to subsequently connect to the victim in order to use the shell.
Links to this note
- Linux Persistence: Processes
- unveilingsedexp-reichert2024
- toroiseandthemalwahare-pwc2023
- tricephalichellkeeper-pourcelot2022
- linenoise-phrack71-2024
- unpacking diicot-tikochinski2024
- encrypted bind and reverse shells with socat - erev0s 2020
- hackingteamwriteup-fisher2016
- chaos-blacklotuslabs2022
- upgradingpty-ropnop2017
- Jynx rootkit
- stealthshell-petrich2024
- attackers gaining shells
- bindshell
- nc -e
- Netcat
- netcat reverse shells
- Perl reverse shell
- port knocking
- PRISM backdoor
- reverse shell cheat sheet
- reverse_ssh
- simple shells running under netcat or a basic socket program/script have a suboptimal user experience
- socat tty listener
- vanilla reverse shell