Asynchronous reverse shell using the HTTP protocol.

March 9, 2020

Today there are many ways to create a reverse shell in order to be able to remotely control a machine through a firewall. Indeed, outgoing connections are not always filtered.

However, security software and hardware (IPS, IDS, Proxy, AV, EDR...) are more and more powerful and can detect these attacks. Most of the time the connection to a reverse shell is established through a TCP or UDP tunnel.

I figured that the best way to stay undetected would be to make it look like legitimate traffic. The HTTP protocol is the most used by a standard user. Moreover, it is almost never filtered so as not to block access to websites.

How does it work?

  1. The client app is executed on the target machine.
  2. The client initiates the connection with the server.
  3. The server accepts the connection.

-The client queries the server until it gets instructions.
-The attacker provides instructions to the server.
-When a command is defined, the client executes it and returns the result.

And so on, until the attacker decides to end the session.


Read the rest of this story with a free account.

Already have an account? Sign in

Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

1 Comment
Oldest Most Voted
Inline Feedbacks
View all comments
2 years ago

so like basically you can just use the malicious payload & listener that metasploit provides instead of building your own payload and listener from scratch, that actual question was, to take advantage of the server with having to install a backdoor on their system!

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023
What certifications or qualifications do you hold?
Max. file size: 150 MB.

What level of experience should the ideal candidate have?
What certifications or qualifications are preferred?

Download Free eBook

Step 1 of 4


We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.