One can also use many other different ways to initiate connection to attacker’s system: You can also use any other port, such as port 80 or 443 that are most likely allowed to open by firewalls.įrom victim’s computer, execute the following command to connect attacker’s system: It started Netcat listening on port 4444. Reverse shell is an ideal choice for attacker to plant a backdoor on the comprised computer.įor illustration purpose, let’s have two Linux systems, one is at 192.168.1.19 as attacker, and the other is at 192.168.1.17 as victim.įrom attacker’s system, set it up to listen on a port, for example, port 4444, by executing the follow command: Once the victim’s system is comprised, reverse shell connection can be initiated easily. The connection initiation can be carried out by standalone script or embedded programs, as long as the attacker can get access to the victim computer system.Īttacker gets onto a victim’s computer, mostly through application or system vulnerability exploitation, or malware infection.
Reverse shell connection can be initiated from a victim's computer by executing many different built in system applications, such as bash, telnet, netcat, perl script, python script, php script, etc. When it uses port 443 (SSL), network content cannot be inspected easily since it is encrypted. This makes it difficulty for firewall and other network parameter security solutions to detect and block since they are usually allowed to be open by default. The connection can be made through any port, for example, through port 80 and 443. Reverse shell connection is usually established via TCP protocol, but it has also been seen via ICMP protocol. The attacker can execute any command/program on the victim’s computer at the same privilege as the current login user who initiated the connection. Once the connection is established, it allows attacker to send over commands to execute on the victim’s computer and to get results back. Reverse shell is a kind of “virtual” shell that is initiated from a victim’s computer to connect with attacker’s computer.
0 kommentar(er)
