reverseshell

Reverse Shell Cheat Sheet

If you’re lucky enough to find a command execution vulnerability during a penetration test, pretty soon afterwards you’ll probably want an interactive shell. If it’s not possible to add a new account / SSH key / .rhosts file and just log in, your next step is likely to be either throwing back a reverse shell or binding […]

php-reverse-shell

This tool is designed for those situations during a pentest where you have upload access to a webserver that’s running PHP.  Upload this script to somewhere in the web root then run it by accessing the appropriate URL in your browser.  The script will open an outbound TCP connection from the webserver to a host […]

perl-reverse-shell

This tool is designed for those situations during a pentest where you have upload access to a webserver that’s running Perl.  Upload this script to somewhere in the web root then run it by accessing the appropriate URL in your browser.  The script will open an outbound TCP connection from the webserver to a host […]

The Perfect Web Backdoor

I’m sure most pentesters have had cause to use the likes of cmdasp.asp, or cobble together a simple PHP script based around “passthru” or “system”.  There’s loads more functionality that would be useful in such backdoors, though.  They could be made less dangerous by building in authentication, and more functional by building in database client […]