What does the 'shell_reverse_tcp' payload do?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple-choice questions; each question has hints and explanations. Get ready for your exam!

Multiple Choice

What does the 'shell_reverse_tcp' payload do?

Explanation:
The concept being tested is how a reverse shell works. A shell_reverse_tcp payload starts a shell on the target machine and then makes the target initiate a TCP connection back to the attacker's system. Once the connection is established, the attacker's session can send commands and receive output through that channel. This outward-initiated connection is the defining feature of a reverse shell and is especially useful when the target is behind firewalls or NAT, which make inbound connections harder.

Why this matches: the payload is specifically designed to create a remote shell by having the target connect back to the attacker over TCP, rather than waiting for the attacker to connect to the target or using UDP for command exchange.

In contrast, a listener on the target that accepts incoming connections describes a bind shell, where the target listens and the attacker connects in. A persistent bind shell is likewise about the target hosting a listening port. Sending commands via UDP would be an unreliable channel and isn't how this payload operates.
