Shell Basics
We can also find out what shell language is in use by viewing the environment variables using the env command.
Bind Shells
Let's say this is the target and it's listening on a random port ->
To connect to this target ->
This will not spawn a shell; it's just a Netcat TCP session we have established.
To pop a shell we will need to specify the directory, shell, listener, work with some pipelines, and input & output redirection to ensure a shell to the system gets served when the client attempts to connect.
Binding shell to TCP session ->
And then if we connect to our target ->
Reverse Shells
So we will start by listening on our attackbox ->
It would be rare to see any security team blocking 443 outbound since many applications and organizations rely on HTTPS to get to various websites throughout the workday. That said, a firewall capable of deep packet inspection and Layer 7 visibility may be able to detect & stop a reverse shell going outbound on a common port because it's examining the contents of the network packets, not just the IP address and port.
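The content inspection described above can be sketched from the defender's side. This is an added example, not part of the original page: it checks whether the first bytes a client sends to port 443 form a TLS ClientHello record, which is what real HTTPS traffic starts with. The function names and the sample flows are hypothetical and constructed for illustration.

```python
import struct

TLS_HANDSHAKE = 0x16      # TLS record content type: handshake
CLIENT_HELLO = 0x01       # handshake message type: ClientHello
MAX_RECORD_LEN = 2 ** 14  # maximum plaintext TLS record length


def looks_like_client_hello(payload: bytes) -> bool:
    """True if the first client bytes form a plausible TLS ClientHello record."""
    if len(payload) < 6:
        return False
    # Record header: content type, version major/minor, 16-bit length.
    ctype, major, minor, length = struct.unpack("!BBBH", payload[:5])
    return (
        ctype == TLS_HANDSHAKE
        and major == 0x03 and minor <= 0x04
        and 0 < length <= MAX_RECORD_LEN
        and payload[5] == CLIENT_HELLO
    )


def flag_non_tls_on_443(flows):
    """Return flows to port 443 whose first client payload is not TLS."""
    return [
        f for f in flows
        if f["dst_port"] == 443 and not looks_like_client_hello(f["first_bytes"])
    ]


# Constructed sample flows (not captured traffic): the first bytes sent by
# the internal client once the TCP handshake has completed.
SAMPLE_FLOWS = [
    {"src": "10.0.0.21", "dst_port": 443,
     "first_bytes": bytes.fromhex("16030100050100000100")},
    {"src": "10.0.0.37", "dst_port": 443,
     "first_bytes": b"PS C:\\Users\\demo> "},
    {"src": "10.0.0.21", "dst_port": 80,
     "first_bytes": b"GET / HTTP/1.1\r\n"},
]

if __name__ == "__main__":
    for flow in flag_non_tls_on_443(SAMPLE_FLOWS):
        print("ALERT non-TLS payload on 443 from", flow["src"], flow["first_bytes"][:20])
```

The port number alone would pass all three flows; only the payload check separates the cleartext session on 443 from genuine HTTPS.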
On our target we can type in the following command ->
If we have an error message such as ->
The Windows Defender antivirus (AV) software stopped the execution of the code.
Disable AV
And if we execute the code again we should see this on our attackbox ->