Skip to content

Latest commit

 

History

History
150 lines (103 loc) · 3.52 KB

File metadata and controls

150 lines (103 loc) · 3.52 KB

Backdoor Reverse Shell (Python)

⚠️ Educational Purpose Only

This project demonstrates the fundamentals of reverse shell communication using Python sockets. It is intended solely for learning networking concepts, penetration testing in authorized lab environments, and cybersecurity education.

Do NOT use this project on systems you do not own or have explicit permission to test.


Overview

This project implements a basic reverse shell using Python's socket library. The client establishes an outbound TCP connection to the server, allowing the server to send commands and receive command output.

The project was developed to better understand:

  • TCP socket programming
  • Client-server communication
  • Command execution
  • Reverse shell concepts
  • Defensive detection techniques

Features

  • TCP client-server communication
  • Reverse connection from client to server
  • Remote command execution
  • Receive command output
  • Multiple command execution
  • Simple terminal interface
  • Lightweight implementation using Python

Project Structure

Backdoor-reverseShell-Python/
│
├── backdoor.py          # Reverse shell client
├── server.py          # Listener/server
├── requirements.txt
└── README.md

Requirements

  • Python 3.10+
  • Windows or Linux

Install dependencies:

pip install -r requirements.txt

How It Works

  1. Start the server.
  2. Configure the client with the server's IP address and port.
  3. Run the client.
  4. The client connects back to the server.
  5. The server sends commands.
  6. The client executes the commands locally.
  7. Command output is returned to the server.

Workflow

+-------------+            TCP Connection            +-------------+
|   Client    | ----------------------------------> |   Server    |
| (Target VM) |                                     | (Listener)  |
+-------------+                                     +-------------+
       ^                                                  |
       |                                                  |
       +------------ Command Output -----------------------+

Technologies Used

  • Python
  • Socket Programming
  • Subprocess Module
  • TCP Networking

Learning Objectives

This project helped me understand:

  • Socket programming fundamentals
  • Reverse shell architecture
  • TCP communication
  • Remote command execution
  • Network-based malware behavior
  • Defensive detection opportunities

Defensive Security Perspective

Reverse shells are commonly detected by security tools through:

  • Outbound connections to suspicious IP addresses
  • Unusual parent-child process relationships
  • PowerShell or CMD spawned by unknown processes
  • Endpoint Detection and Response (EDR)
  • Firewall monitoring
  • Network Intrusion Detection Systems (IDS)
  • Security Information and Event Management (SIEM)

Understanding how reverse shells operate helps defenders recognize and respond to malicious activity.


Limitations

This project is intentionally simple and does not include:

  • Encryption
  • Persistence
  • Privilege escalation
  • Obfuscation
  • Authentication
  • Stealth techniques
  • Evasion mechanisms

The focus is on learning networking concepts rather than creating a sophisticated tool.

Disclaimer

This repository is provided strictly for educational purposes.

The author does not encourage or support unauthorized access, malicious activity, or illegal use of this software. Always obtain proper authorization before conducting any security testing.