I know that reverse shell lets victim connects to us but i heard that people mostly use reverse shell ,why to use reverse shell while hacking the nework outside our local network as we have to do port forwarding?it only brings some extra work
Forum Thread: Why to Use Reverse Shell?
- Hot
- Active
-
Forum Thread:
Introduction to Web Scarping by Mohamed Ahmed
6
Replies
2 min ago -
Forum Thread:
Hack Instagram Account Using BruteForce
197
Replies
10 hrs ago -
Forum Thread:
How to Hack School Website
9
Replies
14 hrs ago -
Forum Thread:
Gaining Access into the Victim's Whatsapp on Android
16
Replies
15 hrs ago -
Forum Thread:
Hack and Track People's Device Constantly Using TRAPE
35
Replies
2 days ago -
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
51
Replies
2 days ago -
Forum Thread:
Bypassing DeepFreeze Without Reseting the Password?
5
Replies
2 days ago -
Forum Thread:
How to Hack CCTV Private Cameras
68
Replies
2 wks ago -
Forum Thread:
Hacking Facebook,Twitter,Instagram Account Passwords with BruteForce
164
Replies
3 wks ago -
Forum Thread:
How to Gain Access to an Android Over WAN
24
Replies
1 mo ago -
Forum Thread:
Discord Channel
3
Replies
1 mo ago -
Forum Thread:
Complete Guide to Creating and Hosting a Phishing Page for Beginners
50
Replies
2 mo ago -
Forum Thread:
HELP I Created an Apk for Hacking My Phone Using Kali Linux in Virtual Box How Can I Install That Apk on My Phone
18
Replies
2 mo ago -
Forum Thread:
Mitm attack problem
2
Replies
2 mo ago -
Metasploit Error:
Handler Failed to Bind
40
Replies
2 mo ago -
Forum Thread:
How to Know if You Are a Script Kiddie?
9
Replies
3 mo ago -
Forum Thread:
How to Identify and Crack Hashes
8
Replies
3 mo ago -
Forum Thread:
Whenever I Try "Airmon-Ng Start wlan0" There's an Error?
16
Replies
3 mo ago -
Forum Thread:
How to Fix 'Failed to Detect and Mount CD-ROM' Problem When Installing Kali Linux
14
Replies
3 mo ago -
Forum Thread:
Awesome Keylogging Script - BeeLogger
30
Replies
3 mo ago
-
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
-
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
-
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
How To:
Dox Anyone
-
How To:
Crack SSH Private Key Passwords with John the Ripper
-
How To:
Enumerate SMB with Enum4linux & Smbclient
-
How To:
Brute-Force Nearly Any Website Login with Hatch
-
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
-
How To:
Make Spoofed Calls Using Any Phone Number You Want Right from Your Smartphone
-
How To:
Bypass File Upload Restrictions on Web Apps to Get a Shell
-
How To:
Hack Coin-Operated Laudromat Machines for Free Wash & Dry Cycles
-
How To:
Embed a Metasploit Payload in an Original .Apk File | Part 2 – Do It Manually
-
How To:
Bypass Antivirus Software by Obfuscating Your Payloads with Graffiti
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To:
Hack Android Using Kali (Remotely)
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To:
The Hacks Behind Cracking, Part 1: How to Bypass Software Registration
-
How To:
Spy on Traffic from a Smartphone with Wireshark
1 Response
Mostly for two reasons:
A) Connectivity. We can port forward our router, but not the targets - meaning that if we're both behind NAT, as is likely, we have to use a reverse shell because it's the only way to interact with the target - as we can't contact any bind shells.
B) Stealth. Egress (outbound) filtering is less intense than ingress (inbound) filtering due to overuse of bind shells in the past. As a result, a backdoor with a reverse shell is analyzed less aggressively, and requires fewer privileges, than a comparable bind shell.
It is also important to note that port forwarding is NOT the only way an attacker can direct a reverse shell to their machine - services such as ngrok allow port forwarding without mucking in router settings (I use it religiously when I deal with WAN), or a directly-connected, public-IP server (such as an AWS or DigitalOcean server) can function as a Command-and-Control (C2) server, to which the attacker can connect to interact with any reverse shells it has accumulated. Both of these options also include, by their very nature, a (small) extra layer of stealth - as you invoke a proxy in either case - which is always nice.
Share Your Thoughts