A penetration tester has gained initial access to a web server protected by a strict stateful firewall. The firewall's policy denies all inbound connections but permits established and related outbound traffic. To gain interactive command-line access, the tester uses a payload that forces the compromised server to connect back to a listener on the tester's attack machine. Which technique is the tester using?
A reverse shell is used to bypass firewalls that block incoming connections. The compromised target machine initiates an outbound connection to a listener on the attacker's machine, granting remote command execution. A bind shell would fail because it requires the attacker to connect to an open port on the target, which is blocked by the firewall. A web shell provides command execution through a web interface but does not inherently describe the method of an outbound connection to a listener for an interactive shell. Pivoting is a technique for moving laterally to other systems within the network after a host has been compromised; it is not the method for establishing the initial shell.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
How does a reverse shell work?
Open an interactive chat with Bash
Why is a bind shell not effective in this scenario?
Open an interactive chat with Bash
What is the difference between a reverse shell and a web shell?