home.social

#reverseshell — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #reverseshell, aggregated by home.social.

  1. aRedOpsEagle @[email protected] ·

    Sequence [TryHackMe] [Writeup]

    Room Info Name: Sequence Platform: TryHackMe Difficulty: Medium Link: https://tryhackme.com/room/sequence Description: Chain multiple vulnerabilities to take control of a system. Task 1: Challenge Robert made some last-minute updates to the review.thm website before heading off on vacation. He claims that the secret information of the financiers is fully protected. But are his defenses truly airtight? Your challenge is to exploit the vulnerabilities and gain complete control of the […]

    aredopseagle.wordpress.com/202

    #bugbounty #burpsuite #capturetheflag #crackstation #csrf #ctf
  2. Marduk_James :verified_paw: @[email protected] ·

    New CTF walkthrough for TryHackMe's RootMe. This is a fun one!

    I just published RootMe (CTF Walkthrough) medium.com/p/rootme-ctf-walkth

    #TryHackMe #Cybersecurity #ReverseShell #CTF #PenetrationTesting

    #tryhackme #cybersecurity #reverseshell #ctf #penetrationtesting
  3. Marduk_James :verified_paw: @[email protected] ·

    New CTF walkthrough for TryHackMe's RootMe. This is a fun one!

    I just published RootMe (CTF Walkthrough) medium.com/p/rootme-ctf-walkth

    #TryHackMe #Cybersecurity #ReverseShell #CTF #PenetrationTesting

    #penetrationtesting #ctf #reverseshell #cybersecurity #tryhackme
  4. Script Kiddie @[email protected] ·

    Hiding your callback through HTTPS

    anonsys.net/display/bf69967c-1

    #education #internet #encryption #security #cybersecurity #knowledge
  5. Script Kiddie @[email protected] ·

    Hiding your callback through HTTPS

    anonsys.net/display/bf69967c-1

    #education #internet #encryption #security #cybersecurity #knowledge
  6. Script Kiddie @[email protected] ·

    Hiding your callback through HTTPS

    anonsys.net/display/bf69967c-1

    #education #internet #encryption #security #cybersecurity #knowledge
  7. maschmi @[email protected] ·

    Used #girsh today for the first time with a #HTB box. It is a listener for a reverse shell spawning a fully interactive shell automatically. Worked quite well. I must say, I do miss autocomplete if it is not available.

    I did not do a code review of this tool as I was only using it on an isolated VM. Run at your own risk ;)

    github.com/nodauf/Girsh

    #reverseShell

    #girsh #htb #reverseshell
  8. maschmi @[email protected] ·

    Used #girsh today for the first time with a #HTB box. It is a listener for a reverse shell spawning a fully interactive shell automatically. Worked quite well. I must say, I do miss autocomplete if it is not available.

    I did not do a code review of this tool as I was only using it on an isolated VM. Run at your own risk ;)

    github.com/nodauf/Girsh

    #reverseShell

    #girsh #htb #reverseshell
  9. maschmi @[email protected] ·

    Used #girsh today for the first time with a #HTB box. It is a listener for a reverse shell spawning a fully interactive shell automatically. Worked quite well. I must say, I do miss autocomplete if it is not available.

    I did not do a code review of this tool as I was only using it on an isolated VM. Run at your own risk ;)

    github.com/nodauf/Girsh

    #reverseShell

    #reverseshell #htb #girsh
  10. maschmi @[email protected] ·

    Used #girsh today for the first time with a #HTB box. It is a listener for a reverse shell spawning a fully interactive shell automatically. Worked quite well. I must say, I do miss autocomplete if it is not available.

    I did not do a code review of this tool as I was only using it on an isolated VM. Run at your own risk ;)

    github.com/nodauf/Girsh

    #reverseShell

    #girsh #htb #reverseshell
  11. Hacker News @[email protected] ·

    Malware found on NPM infecting local package with reverse shell

    reversinglabs.com/blog/malicio

    #HackerNews #Malware #NPM #ReverseShell #CyberSecurity #SoftwareDevelopment

    #hackernews #malware #npm #reverseshell #cybersecurity #softwaredevelopment
  12. Hacker News @[email protected] ·

    Malware found on NPM infecting local package with reverse shell

    reversinglabs.com/blog/malicio

    #HackerNews #Malware #NPM #ReverseShell #CyberSecurity #SoftwareDevelopment

    #hackernews #malware #npm #reverseshell #cybersecurity #softwaredevelopment
  13. Hacker News @[email protected] ·

    Malware found on NPM infecting local package with reverse shell

    reversinglabs.com/blog/malicio

    #HackerNews #Malware #NPM #ReverseShell #CyberSecurity #SoftwareDevelopment

    #softwaredevelopment #cybersecurity #reverseshell #npm #malware #hackernews
  14. Hacker News @[email protected] ·

    Malware found on NPM infecting local package with reverse shell

    reversinglabs.com/blog/malicio

    #HackerNews #Malware #NPM #ReverseShell #CyberSecurity #SoftwareDevelopment

    #hackernews #malware #npm #reverseshell #cybersecurity #softwaredevelopment
  15. Pyrzout :vm: @[email protected] ·

    Hacker in Snowflake Extortions May Be a U.S. Soldier krebsonsecurity.com/2024/11/ha #Ne'er-Do-WellNews #ConnorRileyMoucka #telekomterrorist #ALittleSunshine #TheComingStorm #DDoS-for-Hire #JohnErinBinns #cyb3rph4nt0m #Kiberphant0m #Reverseshell #Ransomware #SouthKorea #buttholio #Proman557 #Snowflake #Vars_Secc #Judische #Verizon #Boxfan #ShiBot #Naver #Waifu #ATT

    #ne #connorrileymoucka #telekomterrorist #alittlesunshine #thecomingstorm #ddos
  16. Pyrzout :vm: @[email protected] ·

    Hacker in Snowflake Extortions May Be a U.S. Soldier krebsonsecurity.com/2024/11/ha #Ne'er-Do-WellNews #ConnorRileyMoucka #telekomterrorist #ALittleSunshine #TheComingStorm #DDoS-for-Hire #JohnErinBinns #cyb3rph4nt0m #Kiberphant0m #Reverseshell #Ransomware #SouthKorea #buttholio #Proman557 #Snowflake #Vars_Secc #Judische #Verizon #Boxfan #ShiBot #Naver #Waifu #ATT

    #att #waifu #naver #shibot #boxfan #verizon
  17. Pyrzout :vm: @[email protected] ·

    Hacker in Snowflake Extortions May Be a U.S. Soldier krebsonsecurity.com/2024/11/ha #Ne'er-Do-WellNews #ConnorRileyMoucka #telekomterrorist #ALittleSunshine #TheComingStorm #DDoS-for-Hire #JohnErinBinns #cyb3rph4nt0m #Kiberphant0m #Reverseshell #Ransomware #SouthKorea #buttholio #Proman557 #Snowflake #Vars_Secc #Judische #Verizon #Boxfan #ShiBot #Naver #Waifu #ATT

    #ne #connorrileymoucka #telekomterrorist #alittlesunshine #thecomingstorm #ddos
  18. KrebsOnSecurity RSS @[email protected] ·

    Hacker in Snowflake Extortions May Be a U.S. Soldier

    krebsonsecurity.com/2024/11/ha

    #Ne'er-Do-WellNews #ConnorRileyMoucka #telekomterrorist #ALittleSunshine #TheComingStorm #DDoS-for-Hire #JohnErinBinns #cyb3rph4nt0m #Kiberphant0m #Reverseshell #Ransomware #SouthKorea #buttholio #Proman557 #Snowflake #Vars_Secc #Judische #Shi-Bot #Verizon #Boxfan #Naver #Waifu #ATT

    #ne #connorrileymoucka #telekomterrorist #alittlesunshine #thecomingstorm #ddos
  19. KrebsOnSecurity RSS @[email protected] ·

    Hacker in Snowflake Extortions May Be a U.S. Soldier

    krebsonsecurity.com/2024/11/ha

    #Ne'er-Do-WellNews #ConnorRileyMoucka #telekomterrorist #ALittleSunshine #TheComingStorm #DDoS-for-Hire #JohnErinBinns #cyb3rph4nt0m #Kiberphant0m #Reverseshell #Ransomware #SouthKorea #buttholio #Proman557 #Snowflake #Vars_Secc #Judische #Shi-Bot #Verizon #Boxfan #Naver #Waifu #ATT

    #ne #connorrileymoucka #telekomterrorist #alittlesunshine #thecomingstorm #ddos
  20. KrebsOnSecurity RSS @[email protected] ·

    Hacker in Snowflake Extortions May Be a U.S. Soldier

    krebsonsecurity.com/2024/11/ha

    #Ne'er-Do-WellNews #ConnorRileyMoucka #telekomterrorist #ALittleSunshine #TheComingStorm #DDoS-for-Hire #JohnErinBinns #cyb3rph4nt0m #Kiberphant0m #Reverseshell #Ransomware #SouthKorea #buttholio #Proman557 #Snowflake #Vars_Secc #Judische #Shi-Bot #Verizon #Boxfan #Naver #Waifu #ATT

    #ne #connorrileymoucka #telekomterrorist #alittlesunshine #thecomingstorm #ddos
  21. KrebsOnSecurity RSS @[email protected] ·

    Hacker in Snowflake Extortions May Be a U.S. Soldier

    krebsonsecurity.com/2024/11/ha

    #Ne'er-Do-WellNews #ConnorRileyMoucka #telekomterrorist #ALittleSunshine #TheComingStorm #DDoS-for-Hire #JohnErinBinns #cyb3rph4nt0m #Kiberphant0m #Reverseshell #Ransomware #SouthKorea #buttholio #Proman557 #Snowflake #Vars_Secc #Judische #Shi-Bot #Verizon #Boxfan #Naver #Waifu #ATT

    #att #waifu #naver #boxfan #verizon #shi
  22. KrebsOnSecurity RSS @[email protected] ·

    Hacker in Snowflake Extortions May Be a U.S. Soldier

    krebsonsecurity.com/2024/11/ha

    #Ne'er-Do-WellNews #ConnorRileyMoucka #telekomterrorist #ALittleSunshine #TheComingStorm #DDoS-for-Hire #JohnErinBinns #cyb3rph4nt0m #Kiberphant0m #Reverseshell #Ransomware #SouthKorea #buttholio #Proman557 #Snowflake #Vars_Secc #Judische #Shi-Bot #Verizon #Boxfan #Naver #Waifu #ATT

    #ne #connorrileymoucka #telekomterrorist #alittlesunshine #thecomingstorm #ddos
  23. corbeaucrypto @[email protected] ·

    Mon dieu - Penelope is alright! Probably my favorite #reverseshell catcher for #linux targets. github.com/brightio/penelope

    Highly recommend!

    #reverseshell #linux
  24. corbeaucrypto @[email protected] ·

    Mon dieu - Penelope is alright! Probably my favorite #reverseshell catcher for #linux targets. github.com/brightio/penelope

    Highly recommend!

    #reverseshell #linux
  25. corbeaucrypto @[email protected] ·

    Mon dieu - Penelope is alright! Probably my favorite #reverseshell catcher for #linux targets. github.com/brightio/penelope

    Highly recommend!

    #reverseshell #linux
  26. corbeaucrypto @[email protected] ·

    Mon dieu - Penelope is alright! Probably my favorite #reverseshell catcher for #linux targets. github.com/brightio/penelope

    Highly recommend!

    #linux #reverseshell
  27. corbeaucrypto @[email protected] ·

    Mon dieu - Penelope is alright! Probably my favorite #reverseshell catcher for #linux targets. github.com/brightio/penelope

    Highly recommend!

    #reverseshell #linux
  28. Teri Radichel @[email protected] ·

    Chinese APT Abuses VSCode to Target Government in Asia

    [TR: Wait what? VSCode has a reverse shell feature?! Turn this off. Sounds like something proposed by another large company’s dev team recently.] #devtools #reverseshell #c2

    unit42.paloaltonetworks.com/st

    #devtools #reverseshell #c2
  29. Teri Radichel @[email protected] ·

    Chinese APT Abuses VSCode to Target Government in Asia

    [TR: Wait what? VSCode has a reverse shell feature?! Turn this off. Sounds like something proposed by another large company’s dev team recently.] #devtools #reverseshell #c2

    unit42.paloaltonetworks.com/st

    #devtools #reverseshell #c2
  30. Teri Radichel @[email protected] ·

    Chinese APT Abuses VSCode to Target Government in Asia

    [TR: Wait what? VSCode has a reverse shell feature?! Turn this off. Sounds like something proposed by another large company’s dev team recently.] #devtools #reverseshell #c2

    unit42.paloaltonetworks.com/st

    #devtools #reverseshell #c2
  31. Teri Radichel @[email protected] ·

    Chinese APT Abuses VSCode to Target Government in Asia

    [TR: Wait what? VSCode has a reverse shell feature?! Turn this off. Sounds like something proposed by another large company’s dev team recently.] #devtools #reverseshell #c2

    unit42.paloaltonetworks.com/st

    #c2 #reverseshell #devtools
  32. Teri Radichel @[email protected] ·

    Chinese APT Abuses VSCode to Target Government in Asia

    [TR: Wait what? VSCode has a reverse shell feature?! Turn this off. Sounds like something proposed by another large company’s dev team recently.] #devtools #reverseshell #c2

    unit42.paloaltonetworks.com/st

    #devtools #reverseshell #c2
  33. Gilgwath @[email protected] ·

    Why ara #poc for #vulnerability always #reverseshell ? I get that a reverse shell via RCE is a scary magic trick. But in practical #pentesting more often than not I'd rather have a single fire DNS lookup or HTTP request. It's much saver than dropping a shell into a customers environment and it does the job.

    #informationsecurity

    #poc #vulnerability #reverseshell #pentesting #informationsecurity
  34. loneicewolf @[email protected] ·

    Hello!
    I wanted to share 2 reverse shells I have made in C, for both Windows and Linux! It's only the source codes of them, non-compiled that is.

    They are made with being as short as possible in mind, so they are not "fancy" in any way.

    Contributions is ofc welcome! Reach out to me if you have any questions.
    Have a nice day! I will leave the link to the GitHub Repo below.

    - github.com/loneicewolf/Reverse

    *Hopefully they are useful :tuturu:​

    #reverseshells #reverseshell #reverseengineering

    #reverseshells #reverseshell #reverseengineering
  35. loneicewolf @[email protected] ·

    Hello!
    I wanted to share 2 reverse shells I have made in C, for both Windows and Linux! It's only the source codes of them, non-compiled that is.

    They are made with being as short as possible in mind, so they are not "fancy" in any way.

    Contributions is ofc welcome! Reach out to me if you have any questions.
    Have a nice day! I will leave the link to the GitHub Repo below.

    - github.com/loneicewolf/Reverse

    *Hopefully they are useful :tuturu:​

    #reverseshells #reverseshell #reverseengineering

    #reverseshells #reverseshell #reverseengineering
  36. loneicewolf @[email protected] ·

    Hello!
    I wanted to share 2 reverse shells I have made in C, for both Windows and Linux! It's only the source codes of them, non-compiled that is.

    They are made with being as short as possible in mind, so they are not "fancy" in any way.

    Contributions is ofc welcome! Reach out to me if you have any questions.
    Have a nice day! I will leave the link to the GitHub Repo below.

    - github.com/loneicewolf/Reverse

    *Hopefully they are useful :tuturu:​

    #reverseshells #reverseshell #reverseengineering

    #reverseshells #reverseshell #reverseengineering
  37. loneicewolf @[email protected] ·

    Hello!
    I wanted to share 2 reverse shells I have made in C, for both Windows and Linux! It's only the source codes of them, non-compiled that is.

    They are made with being as short as possible in mind, so they are not "fancy" in any way.

    Contributions is ofc welcome! Reach out to me if you have any questions.
    Have a nice day! I will leave the link to the GitHub Repo below.

    - github.com/loneicewolf/Reverse

    *Hopefully they are useful :tuturu:​

    #reverseshells #reverseshell #reverseengineering

    #reverseengineering #reverseshell #reverseshells
  38. loneicewolf @[email protected] ·

    Hello!
    I wanted to share 2 reverse shells I have made in C, for both Windows and Linux! It's only the source codes of them, non-compiled that is.

    They are made with being as short as possible in mind, so they are not "fancy" in any way.

    Contributions is ofc welcome! Reach out to me if you have any questions.
    Have a nice day! I will leave the link to the GitHub Repo below.

    - github.com/loneicewolf/Reverse

    *Hopefully they are useful :tuturu:​

    #reverseshells #reverseshell #reverseengineering

    #reverseshells #reverseshell #reverseengineering
  39. Chris C @chrisc ·

    SaturdayMP Show #18: Hack the Box - Busqueda Part 2 (Reverse Shell)

    youtu.be/x7oDT3eYqyI

    In this episode I get a reverse shell working and make some progress on capturing the root flag.

    Question you want answered in a future video? Pair on a problem? Constructive feedback? DM me or email [email protected].

    #hackthebox #cybersecurity #reverseshell #saturdaymp #saturdaympshow
  40. Chris C @[email protected] ·

    SaturdayMP Show #18: Hack the Box - Busqueda Part 2 (Reverse Shell)

    youtu.be/x7oDT3eYqyI

    In this episode I get a reverse shell working and make some progress on capturing the root flag.

    Question you want answered in a future video? Pair on a problem? Constructive feedback? DM me or email [email protected].

    #hackthebox #cybersecurity #reverseshell #saturdaymp #saturdaympshow

    #saturdaympshow #saturdaymp #reverseshell #cybersecurity #hackthebox
  41. Harry Sintonen @[email protected] ·

    I had a command injection vulnerability, but the target system didn't have netcat or other (obvious) means of getting a reverse shell. What to do? I wrote a minuscule "nc -e /bin/sh" in C + mips assembly, then wrote a small JavaScript stager that would encode the binary to a "echo -ne 'payload'" command that would then be used to drop the binary to /tmp, chmod it and execute with desired ip address and port. The nanonc tool sintonen.fi/src/nanonc/ supports both listen and connect back modes. The code calls linux kernel directly, doesn't use libc at all and has a custom startup code. The (low effort) stripped mipsel binary was 1372 bytes. I'm sure it could be made way way smaller, but this was well within reason already.

    Was this total overkill and wholly unnecessary amount of work just to exploit this vulnerability? Yes. Did I learn a lot about mips platform, mips calling conventions and how to create tiny apps calling the linux kernel directly? Oh yes. #infosec #hacking #exploitation #tooling #reverseshell

    #infosec #hacking #exploitation #tooling #reverseshell
  42. Harry Sintonen @[email protected] ·

    I had a command injection vulnerability, but the target system didn't have netcat or other (obvious) means of getting a reverse shell. What to do? I wrote a minuscule "nc -e /bin/sh" in C + mips assembly, then wrote a small JavaScript stager that would encode the binary to a "echo -ne 'payload'" command that would then be used to drop the binary to /tmp, chmod it and execute with desired ip address and port. The nanonc tool sintonen.fi/src/nanonc/ supports both listen and connect back modes. The code calls linux kernel directly, doesn't use libc at all and has a custom startup code. The (low effort) stripped mipsel binary was 1372 bytes. I'm sure it could be made way way smaller, but this was well within reason already.

    Was this total overkill and wholly unnecessary amount of work just to exploit this vulnerability? Yes. Did I learn a lot about mips platform, mips calling conventions and how to create tiny apps calling the linux kernel directly? Oh yes. #infosec #hacking #exploitation #tooling #reverseshell

    #infosec #hacking #exploitation #tooling #reverseshell
  43. Harry Sintonen @[email protected] ·

    I had a command injection vulnerability, but the target system didn't have netcat or other (obvious) means of getting a reverse shell. What to do? I wrote a minuscule "nc -e /bin/sh" in C + mips assembly, then wrote a small JavaScript stager that would encode the binary to a "echo -ne 'payload'" command that would then be used to drop the binary to /tmp, chmod it and execute with desired ip address and port. The nanonc tool sintonen.fi/src/nanonc/ supports both listen and connect back modes. The code calls linux kernel directly, doesn't use libc at all and has a custom startup code. The (low effort) stripped mipsel binary was 1372 bytes. I'm sure it could be made way way smaller, but this was well within reason already.

    Was this total overkill and wholly unnecessary amount of work just to exploit this vulnerability? Yes. Did I learn a lot about mips platform, mips calling conventions and how to create tiny apps calling the linux kernel directly? Oh yes. #infosec #hacking #exploitation #tooling #reverseshell

    #infosec #hacking #exploitation #tooling #reverseshell
  44. Harry Sintonen @[email protected] ·

    I had a command injection vulnerability, but the target system didn't have netcat or other (obvious) means of getting a reverse shell. What to do? I wrote a minuscule "nc -e /bin/sh" in C + mips assembly, then wrote a small JavaScript stager that would encode the binary to a "echo -ne 'payload'" command that would then be used to drop the binary to /tmp, chmod it and execute with desired ip address and port. The nanonc tool sintonen.fi/src/nanonc/ supports both listen and connect back modes. The code calls linux kernel directly, doesn't use libc at all and has a custom startup code. The (low effort) stripped mipsel binary was 1372 bytes. I'm sure it could be made way way smaller, but this was well within reason already.

    Was this total overkill and wholly unnecessary amount of work just to exploit this vulnerability? Yes. Did I learn a lot about mips platform, mips calling conventions and how to create tiny apps calling the linux kernel directly? Oh yes. #infosec #hacking #exploitation #tooling #reverseshell

    #reverseshell #tooling #exploitation #hacking #infosec
  45. Harry Sintonen @[email protected] ·

    I had a command injection vulnerability, but the target system didn't have netcat or other (obvious) means of getting a reverse shell. What to do? I wrote a minuscule "nc -e /bin/sh" in C + mips assembly, then wrote a small JavaScript stager that would encode the binary to a "echo -ne 'payload'" command that would then be used to drop the binary to /tmp, chmod it and execute with desired ip address and port. The nanonc tool sintonen.fi/src/nanonc/ supports both listen and connect back modes. The code calls linux kernel directly, doesn't use libc at all and has a custom startup code. The (low effort) stripped mipsel binary was 1372 bytes. I'm sure it could be made way way smaller, but this was well within reason already.

    Was this total overkill and wholly unnecessary amount of work just to exploit this vulnerability? Yes. Did I learn a lot about mips platform, mips calling conventions and how to create tiny apps calling the linux kernel directly? Oh yes. #infosec #hacking #exploitation #tooling #reverseshell

    #infosec #hacking #exploitation #tooling #reverseshell
  46. Brian Vermeer @[email protected] ·

    Controlling your server with a reverse shell attack t.co/65HlGDRf9T
    #reverseShell #remoteCodeExecution #RCE #security #devsecops t.co/LqKB3vOawI

    #reverseshell #remotecodeexecution #rce #security #devsecops
  47. Brian Vermeer @[email protected] ·

    Controlling your server with a reverse shell attack t.co/65HlGDRf9T
    #reverseShell #remoteCodeExecution #RCE #security #devsecops t.co/LqKB3vOawI

    #reverseshell #remotecodeexecution #rce #security #devsecops
  48. Brian Vermeer @[email protected] ·

    Controlling your server with a reverse shell attack t.co/65HlGDRf9T
    #reverseShell #remoteCodeExecution #RCE #security #devsecops t.co/LqKB3vOawI

    #reverseshell #remotecodeexecution #rce #security #devsecops
  49. Brian Vermeer @[email protected] ·

    Controlling your server with a reverse shell attack t.co/65HlGDRf9T
    #reverseShell #remoteCodeExecution #RCE #security #devsecops t.co/LqKB3vOawI

    #devsecops #security #rce #remotecodeexecution #reverseshell
  50. Brian Vermeer @[email protected] ·

    Controlling your server with a reverse shell attack t.co/65HlGDRf9T
    #reverseShell #remoteCodeExecution #RCE #security #devsecops t.co/LqKB3vOawI

    #reverseshell #remotecodeexecution #rce #security #devsecops