Python Reverse Shell — Hack your friends!!

Ayan9074
3 min read, Dec 30, 2020

What Is Reverse Shell?

A reverse shell is a shell session in which the connection is initiated by the target rather than by the attacker: the remote (attacker's) machine listens on a specific port, and the target connects out to it. Instead of the shell being opened by the source connecting in, it is introduced by the target connecting back.

The difference between a normal and reverse shell

This now begs the question: how do I create a reverse shell? A reverse shell consists of two scripts, the client-side script and the server-side script. Using the socket library in Python, we can create this.

After doing some coding, I finished creating the server-side code:

In this code we first import the modules and start listening on the designated port, waiting for the target to connect. Once connected, we have access to their command prompt, and the code below that allows us to send commands to their command prompt and receive the output back. There is also a special download function in this code which allows you to download a file from the target's laptop.

Now onto the client-side script:

In this code there are a lot more modules being imported, some of them optional, like cv2. This is because once the target connects to the attacker's laptop, I have added some custom commands you can use, since relying on cmd alone can be limiting; too many custom commands, however, will make the file size larger, which could draw attention. If you want, you can create your own command using cv2 to take pictures or send a live stream of pictures from the user's camera to your laptop, but that can cause some issues, as I will now mention.

When using this script, you want to run the server-side script on your laptop and turn the client-side script into an exe using pytoexe or any other module that turns code into an exe. The only problem with this is that some modules like cv2 are quite large and produce errors when converting to an exe. Nonetheless, before converting to an exe you want to add the private IP of your machine on the network where the RHOST variable is, so that the client connects to you. Your private IP will be something like 192.168.0.110. Once the file is an exe, you just run it on your target's laptop and everything should work like a charm.
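The behaviour described above (a client process connecting out to the attacker's IP on a chosen port and then running whatever it receives through cmd) is exactly what an endpoint detection looks for. As an added example that is not part of the original post, here is a toy detector over constructed Sysmon-style events; the event layout, the process names, the port list and the address 192.168.0.110 are all constructed sample data.

```python
# Added example (not the post's code): flag processes that open an outbound
# connection to an uncommon port and then spawn a command interpreter, the
# pattern a reverse-shell client produces. All events below are constructed.
from collections import defaultdict

SHELLS = {"cmd.exe", "powershell.exe", "sh", "bash"}
# Ports where an outbound connection from a desktop process is ordinary.
COMMON_PORTS = {22, 25, 53, 80, 443, 587, 993}

# Constructed Sysmon-style events: "net" = outbound TCP connection made by
# pid, "proc" = process creation where pid is the child of ppid.
EVENTS = [
    {"t": 1, "type": "net", "pid": 4201, "image": "client.exe",
     "dst": "192.168.0.110", "dport": 4444},
    {"t": 2, "type": "proc", "pid": 4202, "ppid": 4201, "image": "cmd.exe"},
    # Browser on 443 that spawns a shell: common port, not flagged.
    {"t": 3, "type": "net", "pid": 4203, "image": "chrome.exe",
     "dst": "93.184.216.34", "dport": 443},
    {"t": 4, "type": "proc", "pid": 4204, "ppid": 4203, "image": "cmd.exe"},
    # Dev tool on 8080 that never spawns a shell: not flagged.
    {"t": 5, "type": "net", "pid": 4205, "image": "node.exe",
     "dst": "10.0.0.7", "dport": 8080},
    # Shell spawned long after the connection: outside the default window.
    {"t": 6, "type": "net", "pid": 4206, "image": "tool.exe",
     "dst": "10.0.0.9", "dport": 9001},
    {"t": 500, "type": "proc", "pid": 4207, "ppid": 4206, "image": "cmd.exe"},
]


def find_reverse_shell_candidates(events, window=60):
    """Return (parent_pid, image, dst, dport) for each process that spawns a
    shell within `window` seconds of connecting out to an uncommon port."""
    outbound = defaultdict(list)  # pid -> [(t, image, dst, dport), ...]
    hits = []
    for e in sorted(events, key=lambda ev: ev["t"]):
        if e["type"] == "net" and e["dport"] not in COMMON_PORTS:
            outbound[e["pid"]].append((e["t"], e["image"], e["dst"], e["dport"]))
        elif e["type"] == "proc" and e["image"].lower() in SHELLS:
            for t, image, dst, dport in outbound.get(e["ppid"], []):
                if 0 <= e["t"] - t <= window:
                    hits.append((e["ppid"], image, dst, dport))
                    break
    return hits


if __name__ == "__main__":
    for hit in find_reverse_shell_candidates(EVENTS):
        print("possible reverse shell:", hit)
```

Only the constructed client.exe event pair is flagged with the default window; widening the window also catches the late shell spawn, which is the usual tuning trade-off between missed sessions and noise.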

If you want to take this project to the next step, you can look into how to run the code on a user's laptop without them seeing the console, making it even more secretive, add more custom commands (for example using OpenCV), and allow multiple targets to connect to your one device.

Thanks for reading, and I hope you learned something new.

Picture of script in action:

On the bottom right you can see the commands I have typed; nothing is visible on the target's command prompt.
