Netcat
Generally speaking, if you can backdoor an existing service, you may not need a reverse shell at all. For example, if the target machine is already running an SSH server, you can try adding a new user (or your own key) and log in over SSH like any other user.
If the target machine runs a web server with a server-side language, you can leave a backdoor written in that language. Many Apache servers run PHP, for instance, so you can drop a PHP "web shell" that executes the commands it receives in a request parameter.
Ncat is the Nmap Project's reimplementation of the classic Netcat: a networking utility that reads and writes data across the network from the command line. It speaks both TCP and UDP, works over IPv4 and IPv6, and is meant to be a reliable back-end tool that gives other programs and users an instant network connection. On its own, Netcat just moves bytes between two ends of a connection; that makes it a good building block, but turning a bare connection into a usable shell takes extra work (the binary on the target may lack the -e option, for example). Pairing it with Metasploit, which generates payloads with msfvenom and catches them with a handler, fills that gap.
Examples of Netcat with no payload, just a plain connection you can type into from both ends.
On the host acting as the server, Netcat is run with -lnvp 87. The flags mean: -l puts Netcat in listen mode (waiting for an inbound connection instead of making one); -n disables DNS resolution, so incoming addresses are shown as IPs and no lookups are made; -v enables verbose mode, which reports connections as they arrive; -p <port> sets the port to listen on, here 87. Note that binding a port below 1024, such as 87, requires root, and that the OpenBSD and Ncat builds accept these flags slightly differently, so check the local -h output first.
On the connecting computer, you run Netcat as a client, giving it the listener's IP address and the same port.
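The listener/client pair from the two steps above, written out as an added shell example (this is not code from the original page). The port 87 is the page's; the 10.0.0.5 address in the usage line, the help-text fingerprints used to tell the Netcat builds apart, and the loopback self-test are assumptions made for this demo.

```bash
#!/usr/bin/env bash
# Added example (not from the page): the plain Netcat listener/client
# pair, plus the checks a practitioner does before relying on it.
# Assumptions: 10.0.0.5 is the listener's address; the `-h` fingerprint
# strings are heuristics; the self-test needs an installed nc binary.

# Accept only a numeric TCP port in 1..65535 before it hits a command line.
valid_port() {
  case "$1" in
    ''|*[!0-9]*) return 1 ;;
  esac
  [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Listener side: -l listen, -n no DNS lookups, -v verbose, -p <port>.
# Ports below 1024 (such as the page's 87) need root to bind.
listener_cmd() {
  valid_port "$1" || return 1
  cmd="nc -lnvp $1"
  [ "$1" -lt 1024 ] && cmd="sudo $cmd"
  printf '%s\n' "$cmd"
}

# Client side: connect to the listener's IP and port. -n because we pass
# a literal address and do not want a reverse lookup; -v to see the
# "connected" message.
client_cmd() {
  valid_port "$2" || return 1
  printf 'nc -nv %s %s\n' "$1" "$2"
}

# Which Netcat is installed? The common builds accept different flags,
# so fingerprint the first line of `nc -h` (heuristic strings, assumed):
#   "Ncat 7.94 ( https://nmap.org/ncat )"        -> Nmap's Ncat
#   "OpenBSD netcat (Debian patchlevel ...)"     -> OpenBSD nc
#   "[v1.10-47]"                                  -> nc.traditional
nc_flavor() {
  case "$1" in
    *Ncat*)        echo ncat ;;
    *OpenBSD*)     echo openbsd ;;
    *v1.10*|*GNU*) echo traditional ;;
    *)             echo unknown ;;
  esac
}

# Only Ncat (-e/--exec) and nc.traditional (-e) can hand the connection
# to a program. OpenBSD nc has no -e, which is why a bare connection is
# all you get from it without a separately generated payload.
supports_exec() {
  case "$1" in
    ncat|traditional) return 0 ;;
    *)                return 1 ;;
  esac
}

# Manual loopback check (run with --selftest): listener and client on
# 127.0.0.1 using an unprivileged port so no root is needed. Returns 2
# when no nc binary is present. `timeout` (GNU coreutils) bounds both
# sides so a build that waits for the peer to close cannot hang us.
selftest() {
  command -v nc >/dev/null 2>&1 || { echo "no nc installed" >&2; return 2; }
  port=8787
  out=$(mktemp)
  timeout 5 nc -lnvp "$port" >"$out" 2>/dev/null &
  lpid=$!
  sleep 1
  printf 'hello from client\n' | timeout 5 nc -nv 127.0.0.1 "$port" 2>/dev/null
  wait "$lpid" 2>/dev/null
  if grep -q 'hello from client' "$out"; then
    echo "loopback OK, listener received: $(cat "$out")"
  else
    echo "loopback FAILED" >&2
  fi
  rm -f "$out"
}

# Usage: print the two commands for a listener on 87 reached from 10.0.0.5's
# peer, or run the loopback self-test.
if [ "${1:-}" = "--selftest" ]; then
  selftest
elif [ "${1:-}" = "--show" ]; then
  echo "server: $(listener_cmd 87)"
  echo "client: $(client_cmd 10.0.0.5 87)"
fi
```

Run it with `--show` to print the exact server and client command lines, or `--selftest` on a box that has some nc installed to confirm bytes typed on the client side arrive at the listener. Run `nc -h 2>&1 | head -1` and feed the line to nc_flavor before assuming -e is available on a target.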
The GitHub reverse-shell cheat sheet repository helps a lot when building shells and combining Netcat with reverse shells. The Metasploit documentation is also extremely helpful and well worth a look.