I know that reverse shell lets victim connects to us but i heard that people mostly use reverse shell ,why to use reverse shell while hacking the nework outside our local network as we have to do port forwarding?it only brings some extra work
Forum Thread: Why to Use Reverse Shell?
- Hot
- Active
-
Forum Thread:
Kali Linux Boot Error
7
Replies
23 hrs ago -
Forum Thread:
This Pills Are Listed on Top 10!
0
Replies
1 day ago -
Forum Thread:
https://www.reddit.com/user/coleenkitchens/comments/i5uy0v/visit/
0
Replies
1 day ago -
Forum Thread:
4.What Are Digital Signatures in Encryption||Beginners Guide for Encryption
0
Replies
1 day ago -
Forum Thread:
Proxychains Not Working or Loading??
2
Replies
1 day ago -
Forum Thread:
how should I start from scratch. I'm a stupid kid
0
Replies
1 day ago -
Forum Thread:
Does Arp Spoofing Needs Monitor Mode?
0
Replies
3 days ago -
Forum Thread:
2.Asymmetric Encryption||Encryption Guide For Beginners
0
Replies
3 days ago -
Forum Thread:
Removing Pay-as-You-Go Meter on Loan Phones.
0
Replies
5 days ago -
Forum Thread:
AMD RX 580 Driver for Kali LINUX
3
Replies
1 wk ago -
Forum Thread:
How to Hack CCTV Private Cameras
65
Replies
1 wk ago -
Forum Thread:
Hacking Facebook,Twitter,Instagram Account Passwords with BruteForce
153
Replies
1 wk ago -
Forum Thread:
How to Get Social Media Accounts and Real Name from the Footprints Left Behind by a Phone Number
7
Replies
1 wk ago -
Forum Thread:
Usb Adapters Compatible with Virtual Machine
1
Replies
1 wk ago -
Forum Thread:
The Only Authentic Way to Hack Instagram!
45
Replies
1 wk ago -
Forum Thread:
Kali Linux Wont Boot on RPI 4 8g
1
Replies
1 wk ago -
Forum Thread:
Mode Monitor Doesn't Work
1
Replies
1 wk ago -
Forum Thread:
Bettercap-Ui Problem in Kali Linux
1
Replies
1 wk ago -
Forum Thread:
Complete Guide to Creating and Hosting a Phishing Page for Beginners
38
Replies
1 wk ago -
Forum Thread:
How Does Someone Attack Account by Just Having Their @Username ? The Application Is Kik!
4
Replies
1 wk ago
-
Hacking iOS:
How to Embed Payloads into iPhone Packages with Arcane
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
-
How To:
Harness the Power of Big Data with This 10-Course Bundle
-
How To:
Hack Android Using Kali (Remotely)
-
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To:
Dox Anyone
-
How To:
Phish for Social Media & Other Account Passwords with BlackEye
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Hunt Down Social Media Accounts by Usernames with Sherlock
-
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
-
How To:
Hack Wi-Fi & Networks More Easily with Lazy Script
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To:
The Essential Skills to Becoming a Master Hacker
-
How To:
Create a Persistent Back Door in Android Using Kali Linux:
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
-
How To:
Intercept & Analyze LAN Traffic with a Packet Squirrel & Wireshark
1 Response
Mostly for two reasons:
A) Connectivity. We can port forward our router, but not the targets - meaning that if we're both behind NAT, as is likely, we have to use a reverse shell because it's the only way to interact with the target - as we can't contact any bind shells.
B) Stealth. Egress (outbound) filtering is less intense than ingress (inbound) filtering due to overuse of bind shells in the past. As a result, a backdoor with a reverse shell is analyzed less aggressively, and requires fewer privileges, than a comparable bind shell.
It is also important to note that port forwarding is NOT the only way an attacker can direct a reverse shell to their machine - services such as ngrok allow port forwarding without mucking in router settings (I use it religiously when I deal with WAN), or a directly-connected, public-IP server (such as an AWS or DigitalOcean server) can function as a Command-and-Control (C2) server, to which the attacker can connect to interact with any reverse shells it has accumulated. Both of these options also include, by their very nature, a (small) extra layer of stealth - as you invoke a proxy in either case - which is always nice.
Share Your Thoughts