So I played around with writing a reverse shell in python that can be run on Windows and Linux systems that will create a socket connection back to a listener
and takes the data sent through that socket connection and stores it in a variable before passing it through to subprocess.Popen in a while loop.
The interesting thing about this is it does require a shell to sent back through the socket to interact with the host machine it is being run on. This is extremely handy in avoiding some modern day IDS/IPS devices that obviously flag this sort of network activity. However, this is still not a full proof reverse shell for evasion.
Another great thing in regards to using a reverse shell such as this is the ability to create functions within the shell or create a Server side handler that catches the connection and can assist with executing functions through the shell, such has Persistence Scripts, Download Functionality and much more.
The shell I have linked below is just a simple shell without any of that additional functionality as I am still working on a Server-Client that will be used as a C2 Server to be able to handle multiple incoming connections.
Thanks for your time!
– Pitticus
GitHub:
https://github.com/P1tt1cus/Pitts_Reverse_Shell
Video: