How do you find out if your PC is reverse shelled?

Question

I am just wondering, how do you find out is your PC is reverse shelled or not? Does your antivirus protect against it?

score 1 · Answer 1 · answered Jun 29 '17 at 19:11

1.) Netstat -a: look for connections that are not familiar to you. If you are suspicious about one, do a dig and a whois lookup to see who they are.

2.) Check open ports on your machine and your router. Verify your port forwards if enabled. Hackers tend to use the same port especially if the tool was employed by a script kiddie.

3.) Run your AV of choice and do a deep scan.

4.) TronScript: This is a hell of a script that it open source and regarded to be very effective. It's updated frequently. This is the last thing you can do to get rid of any malware/issues before doing a full clean wipe and clean install of your OS of choice. TronScript has good logging and it will tell you directly what it is doing and when. Read more at the link I provided.

score 0 · Answer 2 · answered Jun 29 '17 at 18:21

0

You can use a netstat command to look for active connection. Any suspicious connection on strange port should be checked.

Most of antivirus have this kind of checkings too.

answered Jun 29 '17 at 18:21

OscarAkaElvis

5,185
3
17
48

How do you find out if your PC is reverse shelled?

2 Answers2