I know that reverse shell lets victim connects to us but i heard that people mostly use reverse shell ,why to use reverse shell while hacking the nework outside our local network as we have to do port forwarding?it only brings some extra work
Forum Thread: Why to Use Reverse Shell?
- Hot
- Active
-
Forum Thread:
What Are Some Good Budget Laptops for Pentestin
12
Replies
2 days ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
8
Replies
2 days ago -
Forum Thread:
Hack Instagram Account Using BruteForce
193
Replies
3 days ago -
Forum Thread:
Create and Use Android/Meterpreter/reverse_tcp APK with Msfvenom?
117
Replies
4 days ago -
Forum Thread:
How Do I Access Different Directories Within Android via Meterpreter
5
Replies
1 wk ago -
Forum Thread:
Best Programming Language?
8
Replies
1 wk ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
4
Replies
1 wk ago -
Forum Thread:
Fix Meterpreter Problem
2
Replies
1 wk ago -
Forum Thread:
Hack and Track People's Device Constantly Using TRAPE
31
Replies
2 wks ago -
Forum Thread:
Need Help with FatRat Over WAN
1
Replies
2 wks ago -
Forum Thread:
Kali Linux Boot Error
8
Replies
2 wks ago -
Forum Thread:
I Want to Hack in to My Friends System Through his wifi router i am controlling
8
Replies
2 wks ago -
Forum Thread:
Kali linux command error. Kindly help
3
Replies
2 wks ago -
Forum Thread:
How to Create a Python Remote Keylogger for Facebook
27
Replies
2 wks ago -
Forum Thread:
Kali Linux Handshake Porblem
2
Replies
2 wks ago -
Forum Thread:
Port Forwarding Problem in Metasploit Can't Establish Connection (WAN)
3
Replies
3 wks ago -
Forum Thread:
GMail Brute Force Dictionary Attack Script
31
Replies
4 wks ago -
Forum Thread:
Msfvenom Android Exploitation Outside LAN?
12
Replies
4 wks ago -
Forum Thread:
How to decrypt .CAP file of handshake during WiFi attack
2
Replies
1 mo ago -
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
7
Replies
1 mo ago
-
How To:
Clear the Logs & Bash History on Hacked Linux Systems to Cover Your Tracks & Remain Undetected
-
How To:
Make Spoofed Calls Using Any Phone Number You Want Right from Your Smartphone
-
How To:
Master Python, Django, Git & GitHub with This Bundle
-
How To:
Hack Android Using Kali (Remotely)
-
How To:
Upgrade a Normal Command Shell to a Metasploit Meterpreter
-
How To:
Phish for Social Media & Other Account Passwords with BlackEye
-
How To:
Brute-Force Nearly Any Website Login with Hatch
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To:
Crack Password-Protected ZIP Files, PDFs & More with Zydra
-
Hack Like a Pro:
How to Crack Passwords, Part 4 (Creating a Custom Wordlist with Crunch)
-
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
-
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
-
How To:
Crack Shadow Hashes After Getting Root on a Linux System
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To:
Create Custom Wordlists for Password Cracking Using the Mentalist
1 Response
Mostly for two reasons:
A) Connectivity. We can port forward our router, but not the targets - meaning that if we're both behind NAT, as is likely, we have to use a reverse shell because it's the only way to interact with the target - as we can't contact any bind shells.
B) Stealth. Egress (outbound) filtering is less intense than ingress (inbound) filtering due to overuse of bind shells in the past. As a result, a backdoor with a reverse shell is analyzed less aggressively, and requires fewer privileges, than a comparable bind shell.
It is also important to note that port forwarding is NOT the only way an attacker can direct a reverse shell to their machine - services such as ngrok allow port forwarding without mucking in router settings (I use it religiously when I deal with WAN), or a directly-connected, public-IP server (such as an AWS or DigitalOcean server) can function as a Command-and-Control (C2) server, to which the attacker can connect to interact with any reverse shells it has accumulated. Both of these options also include, by their very nature, a (small) extra layer of stealth - as you invoke a proxy in either case - which is always nice.
Share Your Thoughts