Skip to content

constarg/simple-reverse-shell

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

46 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Simple Reverse Shell

GitHub license Release Purpose OS

What a reverse shell is?

A reverse shell, also known as a remote shell or “connect-back shell,” takes advantage of the target system’s vulnerabilities to initiate a shell session and then access the victim’s computer. The goal is to connect to a remote computer and redirect the input and output connections of the target system’s shell so the attacker can access it remotely.

Reverse shells allow attackers to open ports to the target machines, forcing communication and enabling a complete takeover of the target machine. Therefore it is a severe security threat. This method is also commonly used in penetration tests.

Source: https://www.imperva.com/learn/application-security/reverse-shell/

Disclaimer

As a student who likes the field of security, I always wondered how one could programmatically implement such a tool. The tool is a simple, well commented project for anyone who is purely interested in the educational part only!! like me. Therefore, I bear no responsibility, in case someone, somehow, uses this tool, for any malicious purpose. I hope you like my project and found it interesting, keep learning.

GitHub Policy on active-malware-or-exploits

https://docs.github.com/en/site-policy/acceptable-use-policies/github-active-malware-or-exploits

Installation requirements

The following packages must be installed.

sudo apt-get install build-essential git gcc

Download & Build

First download the program from GitHub and go to the simple-reverse-shell folder.

% git clone https://github.com/constarg/simple-reverse-shell.git
% cd simple-reverse-shell/

After installation the program must be built. In order to build the program, the following instruction must be followed.

% make

Usage

revershell [OPTION]...
  client [IP] [PORT], Try to connect on a server with ip address [ IP ] on port [ PORT ].
  server [PORT], Listen on port [ PORT ].

In the above usage example, the server plays the role of the system to be attacked and the client plays the role of the attacker. So by running the server on a certain computer, it forces the system to open a port to listen for a client. The client (attacker) can then, if he has access to that computer over the network, run the program as a client and connect to the port that that computer is listening on.

Diagram

With a diagram as shown below, I believe it will be fully understood.

image