Netcat is often called the Swiss Army knife of hackers and penetration testers. Netcat allows reading/writing to TCP/UDP connections and has a large set of functionalities, ranging from port scans to file transfer mechanisms. However, here, we'll use Netcat to access a reverse shell.
First, we'll need a PHP script that is capable of creating TCP connection-based reverse shells. Open a new terminal and copy the php-reverse-shell command.
After this, we have to configure the reverse shell PHP file by providing a proper IP and port, so that it can connect with the Netcat listener.
Once the php-reverse-shell.php file is configured, upload the file.
Before we initiate the reverse shell, we need to create our Netcat listener. Let's create a listener on port 1234.
As soon as we click on the link, our Netcat gets a reverse shell from the server, and we can happily execute commands through this interactive command shell.
This continuous reverse shell is very useful when we want to pivot further into other systems or run a privilege escalation exploit.
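From the defender's side, the uploaded file is detectable by its content: a TCP reverse shell script has to both open an outbound socket and spawn a process. The following is an added example, not code from the original text; the function names, verdict labels and sample files are constructed for illustration, and the heuristic is an assumption about what to flag in an upload directory rather than a complete detector.

```python
import re
import tempfile
from pathlib import Path

# PHP functions that open an outbound connection / spawn a process.
NET_CALLS = ("fsockopen", "pfsockopen", "stream_socket_client", "socket_connect")
EXEC_CALLS = ("proc_open", "popen", "shell_exec", "passthru", "system", "exec")
PHP_TAG = re.compile(rb"<\?(php|=)", re.I)


def calls(data, names):
    """Names that occur as plain function calls (not methods or substrings)."""
    return [n for n in names
            if re.search(rb"(?<![\w>$])" + n.encode() + rb"\s*\(", data, re.I)]


def scan_upload(path):
    """Classify one uploaded file by content, ignoring its extension."""
    data = Path(path).read_bytes()
    if not PHP_TAG.search(data):
        return "clean", [], []
    net, exe = calls(data, NET_CALLS), calls(data, EXEC_CALLS)
    if net and exe:
        return "reverse-shell-pattern", net, exe
    return ("review" if net or exe else "php-in-upload"), net, exe


def scan_dir(root):
    """Map each file name under root to (verdict, net calls, exec calls)."""
    return {p.name: scan_upload(p)
            for p in sorted(Path(root).rglob("*")) if p.is_file()}


# Constructed sample uploads (inert fragments, not working scripts).
SAMPLES = {
    "php-reverse-shell.php": b"<?php $s = fsockopen($ip, $port); proc_open($shell, $spec, $pipes);",
    "avatar.jpg": b"\xff\xd8\xff\xe0JFIF<?php system($cmd); ?>",
    "report.php": b"<?php $r = curl_exec($ch); echo htmlspecialchars($r);",
    "notes.txt": b"quarterly meeting notes, plain text",
}


def demo():
    """Write the constructed samples to a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as d:
        for name, body in SAMPLES.items():
            Path(d, name).write_bytes(body)
        return scan_dir(d)
```

Any PHP found in an upload directory is worth a look regardless of verdict; the stronger control is to store uploads where the web server will not execute them.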