openSSL reverse shell
What we need to do first, is to generate an SSL certificate key pair for our listener on the attacker machine. We can do that with the following command:
This will create two files. A βkey.pemβ and βcert.pemβ file. Weβll need those for our listener.
Next, we can start up our listener on the attacker machine using the openssl s_server command while specifying our .pem files we created:
That will start up an openSSL listener with our certificate and associated key on port 443.
Now, on our target system, we create our mkfifo named pipe as a file called βxβ in /tmp in conjunction with an openssl s_client βquiet βconnect command that will connect back to our attacker machine, and give us a shell on the victim host (over SSL):
Last updated