Malware found on NPM infecting local package with reverse shell
https://www.reversinglabs.com/blog/malicious-npm-patch-delivers-reverse-shell

Hacker in Snowflake Extortions May Be a U.S. Soldier
https://krebsonsecurity.com/2024/11/hacker-in-snowflake-extortions-may-be-a-u-s-soldier/
#Ne'er-Do-WellNews #ConnorRileyMoucka #telekomterrorist #ALittleSunshine #TheComingStorm #DDoS-for-Hire #JohnErinBinns #cyb3rph4nt0m #Kiberphant0m #Reverseshell #Ransomware #SouthKorea #buttholio #Proman557 #Snowflake #Vars_Secc #Judische #Shi-Bot #Verizon #Boxfan #Naver #Waifu #ATT
Mon dieu - Penelope is alright! Probably my favorite #reverseshell catcher for #linux targets. https://github.com/brightio/penelope
Highly recommend!
Chinese APT Abuses VSCode to Target Government in Asia
[TR: Wait what? VSCode has a reverse shell feature?! Turn this off. Sounds like something proposed by another large company’s dev team recently.] #devtools #reverseshell #c2
https://unit42.paloaltonetworks.com/stately-taurus-abuses-vscode-southeast-asian-espionage/
Hello!
I wanted to share 2 reverse shells I have made in C, for both Windows and Linux! It's only the source codes of them, non-compiled that is.
They are made with being as short as possible in mind, so they are not "fancy" in any way.
Contributions are ofc welcome! Reach out to me if you have any questions.
Have a nice day! I will leave the link to the GitHub Repo below.
- https://github.com/loneicewolf/ReverseShells
*Hopefully they are useful
I had a command injection vulnerability, but the target system didn't have netcat or other (obvious) means of getting a reverse shell. What to do? I wrote a minuscule "nc -e /bin/sh" in C + MIPS assembly, then wrote a small JavaScript stager that would encode the binary to an "echo -ne 'payload'" command that would then be used to drop the binary to /tmp, chmod it and execute with desired IP address and port. The nanonc tool https://sintonen.fi/src/nanonc/ supports both listen and connect back modes. The code calls the Linux kernel directly, doesn't use libc at all and has a custom startup code. The (low effort) stripped mipsel binary was 1372 bytes. I'm sure it could be made way way smaller, but this was well within reason already.
Was this total overkill and a wholly unnecessary amount of work just to exploit this vulnerability? Yes. Did I learn a lot about the MIPS platform, MIPS calling conventions and how to create tiny apps calling the Linux kernel directly? Oh yes. #infosec #hacking #exploitation #tooling #reverseshell
Controlling your server with a reverse shell attack https://t.co/65HlGDRf9T
#reverseShell #remoteCodeExecution #RCE #security #devsecops https://t.co/LqKB3vOawI
Reverse shell not working
https://security.stackexchange.com/questions/267948/reverse-shell-not-working
#reverseshell #network #docker #netcat #dvwa
new shellgen be like
Writing reverse shell in #rustlang :