
Reverse Shell Cheat Sheet
If you're fortunate enough to discover a command execution vulnerability during a penetration test, you will likely want an interactive shell shortly thereafter. If adding a new account, SSH key, or .rhosts file to log in isn't feasible, your next move will probably involve either initiating a reverse shell or binding a shell to a TCP port.
This page deals with the former: initiating a reverse shell.
Your options for creating a reverse shell are constrained by the scripting languages that are installed on the target system. However, if you are adequately prepared, you could also upload a binary program.
Examples for Unix-like Systems and Windows Compatibility
The examples provided are specifically designed for Unix-like systems. However, some of the examples below can also function on Windows if you replace "/bin/sh -i" with "cmd.exe". Each method listed is intended to be a one-liner that you can easily copy and paste. While these lines are concise, they may sacrifice some readability.