Reverse Shell equal OpenSSL

Tram Ho

When I learned about shells and how to shell on the target system, I found it very interesting. So wrote this article to share what I have heard and found out.

If you don’t know what shell is, read Shell (computing) on Wikipedia.

On Google there are many articles explaining what a shell is and what is used to be able to reach the shell on the target’s system.

After a while I learned that there are many different ways used to shell. We can use netcat, python, php, .net, etc and cloud cloud. And then I found a way to another shell that is to use OpenSSL .

Prepare

First we need to generate the key on the computer the target will connect to (in fact it’s our server). Run the command below to generate the key

When the system asks me to enter, press Enter until finished.

Create a listening connection

Once you’ve created the key, the next one is to create a listener on the server. Run the command below to create a listen connection:

A port is open, waiting for the target to connect.

Perform a reverse shell

Once a listener is opened, on the victim’s computer we run a command to perform a reverse shell on our machine. Run the command below

In the demo, I use ubuntu computer to be my target computer.

As shown in the picture, we have performed the reverse shell successfully.

Bonus

When doing a reverse shell we cannot use vim. But with OpenSSL, we can use it.

Refer

https://medium.com/@int0x33/day-43-reverse-shell-with-openssl-1ee2574aa998

Share the news now

Source : Viblo