Reverse Shell Pentesting
Table of Contents
Abstract
What is Reverse Shell?
Types of Reverse Shell
Working of Reverse Shells
Various Type Reverse Shell Generator
Reverse Shell Generator -1
Reverse Shell Generator -2
HackTools
Shellz
Mitigation
Conclusion
References
Credits to Hacking Articles
Abstract
A reverse shell is a type of connection where a target device initiates
communication back to an attacker's system, allowing the attacker to remotely
control the target. It is often used in penetration testing or cyberattacks to bypass
firewalls and gain unauthorized access.
This report explores the concept of reverse shells, a powerful tool often used in
cybersecurity to remotely access and control systems. We'll demonstrate how to
create and use reverse shells, providing a step-by-step guide to understand their
functionality, potential risks and mitigations.
Disclaimer: This report is provided for educational and informational
purposes only (Penetration Testing). Penetration Testing refers to legal
intrusion tests that aim to identify vulnerabilities and improve cybersecurity,
rather than to serve malicious purposes.
What is Reverse Shell?
A reverse shell is a technique used in computer security and hacking that allows an attacker to
gain control over a system through an established network connection. Reverse shells can be
used for various purposes, including unauthorized access, data theft, and further exploitation
of the compromised system.
Listener/Server Side: The attacker sets up a listener (command and control/C2 server) on a
machine they control. This listener waits for incoming connections.
Victim/Client Side: The attacker somehow tricks the target system into connecting back to
their machine. This could be through techniques like exploiting vulnerabilities, social
engineering, or other means.
Connection Establishment: Once the connection is established, the attacker gains a command
shell on the target system. This shell allows them to execute commands on the target machine
as if they were physically present.
Command Execution: The attacker can then issue commands on the target system, navigate
the file system, run programs, and essentially control the system remotely.
Types of Reverse Shell
Reverse shell payloads are typically used by attackers to establish a connection back to their
system. These payloads can be part of various hacking tools and frameworks. Here are some
common types of reverse shell payloads:
Netcat (nc): Netcat is a versatile networking utility that can be used to create a basic reverse
shell. The attacker sets up a listener using Netcat, and the victim connects back to it,
establishing a shell.
Bash (Linux): A simple reverse shell can be achieved using Bash, the command shell for Unix-
based operating systems. The attacker might use a one-liner command to create a reverse shell.
Python: Python is a powerful scripting language, and attackers often use it to create reverse
shells. They can write a short script that opens a network connection and redirects input/output
to that connection.
PHP: PHP is a server-side scripting language, and attackers can craft PHP scripts to establish
reverse shell connections. These scripts are often injected into vulnerable web applications.
Ruby: Similar to Python, Ruby is a scripting language that can be used to create reverse shell
payloads. Attackers might use Ruby scripts to exploit vulnerabilities and gain control over a
system.
Java: Java-based reverse shells can be created to exploit systems where Java is installed.
Attackers can use Java sockets to establish a connection back to their server.
C and C++: Attackers may also write custom reverse shell code in lower-level languages like
C and C++ to avoid detection by antivirus software and intrusion detection systems.
Working of Reverse Shells
A reverse shell operates by initiating a connection between the target machine and the
attacker’s machine. Typically, the target machine sends a connection request to the attacker’s
machine. The attacker’s machine functions as a listener, awaiting commands from the attacker.
Various Type Reverse Shell Generator
Reverse Shell Generator -1
To create a reverse shell, we need a reverse shell command and a listener command. To
generate them, go to www.revshells.com.
Once the site is loaded, enter your Listener IP <Attacker IP> address and
Listener Port <Random Port>; as soon as you do this, the listener and reverse shell commands will
be generated as shown in the image below. Execute the reverse shell command on the victim’s
system and run the listener on your attacking machine. Once you do this, you will have your
reverse shell.
As you can see in the image below, there are various listener options you can create, such
as powercat, busybox nc, socat, etc. Here we have created a netcat listener. Even for the
reverse shell we have options like bash, perl, ruby, nc -c and many more.
From the image below you can also observe that you can create such reverse shell commands
for all the operating systems such as Linux, Windows and Mac.
This reverse shell generator also provides us with the option to create Hoaxshell, which is a
PowerShell payload for Windows. The same is shown in the image below:
Reverse Shell Generator -2
This is an amazing online reverse shell generator. To use this generator, go to the following
website:
https://tex2e.github.io/reverse-shell-generator/index.html
Once you are on the website, click on ‘RevShell’ in the menu bar. Then give your
Local Host and Local Port as shown in the image below and click on the ‘Submit’ button.
After clicking on the submit button, you will have your listener. Simultaneously, it will also
create multiple reverse shell commands for various operating systems as shown in the image
below:
HackTools
HackTools is an all-in-one browser extension designed for Red Team web pentesters. It
streamlines web application penetration tests by providing cheat sheets and an array of essential
tools, including XSS payloads, reverse shells, and more. This extension eliminates the need to
search for payloads on different websites or in your local storage, offering one-click access to
most tools.
https://addons.mozilla.org/en-US/firefox/addon/hacktools/
Once the extension is downloaded, access it through the full screen option. From the side bar,
go to the Reverse Shell option and give your Local Host and Local Port along with the type of
shell you want to create as shown in the image below. Once you do this, it will create various
reverse shells for you to use as shown in the image below:
Through HackTools, you can also create a PHP reverse shell by clicking on the second option on
the side bar and giving your Local Host and Local Port. The extension will then create various
PHP reverse shells. You can simply download one and then run it on the victim’s system to have
a reverse shell.
Shellz
Shellz is a third-party tool which has made creating reverse shells a piece of cake. To download
and install Shellz use the following set of commands as shown in the image below:
Once the tool is up and running, it will ask you about the type of reverse shell you want to
create. As we wanted to create a bash shell, we chose option 3 as shown in the image below:
After choosing the type of shell you want to create, it will ask you for Local IP and Local Port.
Now choose the type of your IP as shown in the image below:
After this, it will ask you if you want to encode your shell. Choose whatever option you like;
as we did not want to encode our shell, we chose option 1, just as shown in the image
below:
And finally, it will give you the reverse shell command that you can execute on your victim’s
system. Then it will ask you the type of listener you want to create. Here, we chose the netcat
listener by typing in number 1 as shown in the image below:
After this, you can tell the tool where you want your session, which can be either the same window
or a new terminal window, just as we have done. Voila! You will have your session as
shown in the image below:
To our knowledge, these were the four best and easiest methods to create reverse shells. If you
search Google for a reverse shell generator, it returns multiple results which you can use too.
Just as shown in the image above, you can choose and try any method or website you like.
Mitigation
To defend against reverse shells, it’s essential to implement strong security measures, including
firewalls, intrusion detection systems, and regular software updates. Security professionals
should monitor network traffic for suspicious activity and follow best practices for secure
system administration.
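One way to act on the monitoring advice above, as an added example that is not part of the original report: a reverse shell wires a process's standard input, output and error to one outbound TCP socket, so the check below flags any process holding an established socket on file descriptors 0, 1 and 2. The sample input is constructed to resemble `ss -tnp` output, and the function name `find_socket_stdio` is hypothetical.

```python
import re

# Constructed sample resembling `ss -tnp` output (documentation IP ranges only).
SAMPLE_SS = """\
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
ESTAB 0 0 10.0.0.5:22 198.51.100.20:51514 users:(("sshd",pid=910,fd=4))
ESTAB 0 0 10.0.0.5:48122 203.0.113.7:4444 users:(("bash",pid=2211,fd=0),("bash",pid=2211,fd=1),("bash",pid=2211,fd=2))
ESTAB 0 0 10.0.0.5:53310 198.51.100.9:443 users:(("curl",pid=3001,fd=5))
ESTAB 0 0 10.0.0.5:40022 203.0.113.7:9001 users:(("python3",pid=3310,fd=0),("python3",pid=3310,fd=1),("python3",pid=3310,fd=2),("python3",pid=3310,fd=3))
"""

# One ("name",pid=N,fd=N) entry from the users:(...) column.
USER_RE = re.compile(r'\("([^"]+)",pid=(\d+),fd=(\d+)\)')
STDIO = {0, 1, 2}  # stdin, stdout, stderr


def find_socket_stdio(ss_output):
    """Return one finding per process whose fds 0, 1 and 2 are all the same TCP socket."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        # Skip the header, blank lines and sockets that are not established.
        if len(fields) < 6 or fields[0] != "ESTAB":
            continue
        local, peer, users = fields[3], fields[4], " ".join(fields[5:])
        # Collect the file descriptors each process holds on this socket.
        fds_by_proc = {}
        for name, pid, fd in USER_RE.findall(users):
            fds_by_proc.setdefault((name, int(pid)), set()).add(int(fd))
        for (name, pid), fds in fds_by_proc.items():
            if STDIO <= fds:  # all three standard streams point at the socket
                findings.append({"process": name, "pid": pid,
                                 "local": local, "peer": peer})
    return findings


if __name__ == "__main__":
    for f in find_socket_stdio(SAMPLE_SS):
        print(f"ALERT {f['process']}[{f['pid']}] stdio bound to socket "
              f"{f['local']} -> {f['peer']}")
```

Services started inetd-style also run with their standard streams on a socket, so known service names should be allowlisted before alerting on the findings.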
Conclusion
Hence, a cybersecurity professional can make use of these commands to
assess vulnerabilities on systems and keep those systems safe from threats.
References
• https://www.hackingarticles.in/easy-way-to-generate-reverse-shell/
• www.revshells.com
• https://tex2e.github.io/reverse-shell-generator/index.html
• https://addons.mozilla.org/en-US/firefox/addon/hacktools/