Kali on My Mind
Today I learned…
Actually, it was yesterday. But yesterday I learned about reverse shells, because everything I’ve learned so far about cybersecurity hasn’t been quite terrifying enough. I’m studying for Security+, and while I’m working on that a good friend of mine is working on the Offensive Security Certified Professional (OSCP) certification. We swap notes about a lot of the stuff we go over, what interested us or what we struggled with. It’s been a huge help in the learning process.
But yesterday my friend walked me through sending a shell. It was interesting at first; it seemed very similar to using ssh or Windows Assist or other similar tools. One user sends permission and info and the other user gains access, to oversimplify it. Nothing mind-blowing there. Next, though, he showed me how it could be done in reverse. By sending a reverse shell, instead of the user gaining access to another shell, the user sends access to their own shell to another network.
This command can be hidden in links or emails. It can run in the background. It basically creates a backdoor into a shell and sends access to whoever is on the other end. In the wrong hands this is a terrifying tool, and it confirms to me the absolute necessity of training for all employees, technical or not, on how to identify and avoid suspicious activity. It only takes one person to click on a suspicious link for most other security measures to be circumvented.
It also highlights the need for proper logs in a professional environment. If an attacker were to gain access to a network like this, identifying abnormal activity might well be the best way to recognize that something is wrong and the network may be compromised. Like all security measures, prevention would be the best-case scenario. If prevention fails, then swift identification and action are the next best thing.
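To make the logging point concrete, here is an added example that is not part of the original post: a small Python check that reads connection records and flags a command shell that owns an outbound connection to a host outside the internal network, which is the pattern a reverse shell leaves behind. The log format, the sample lines, the list of shell names and the internal address ranges are all assumptions made up for illustration.

```python
import ipaddress

# Constructed sample records, one per established TCP connection:
# "<process> <pid> <local> -> <remote> <direction>". Addresses are
# documentation/private ranges, not real indicators.
SAMPLE_LOG = """\
sshd 812 10.0.0.5:22 -> 10.0.0.9:51544 inbound
firefox 2210 10.0.0.5:40122 -> 192.0.2.10:443 outbound
bash 3391 10.0.0.5:48810 -> 203.0.113.7:4444 outbound
bash 3402 10.0.0.5:48900 -> 10.0.0.12:9000 outbound
powershell.exe 4120 10.0.0.5:49733 -> 198.51.100.23:8080 outbound
malformed line here
"""

# Assumed names of command interpreters and assumed internal address space.
SHELLS = {"sh", "bash", "zsh", "dash", "cmd.exe", "powershell.exe", "pwsh"}
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_line(line):
    """Return a record dict, or None if the line does not match the format."""
    parts = line.split()
    if len(parts) != 6 or parts[3] != "->":
        return None
    process, pid, _local, _arrow, remote, direction = parts
    try:
        host, port = remote.rsplit(":", 1)
        return {"process": process, "pid": int(pid),
                "remote_ip": ipaddress.ip_address(host),
                "remote_port": int(port), "direction": direction}
    except ValueError:
        return None

def suspicious_shell_connections(log_text):
    """Flag shells that own an outbound connection to a non-internal host."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip lines we cannot parse rather than crash
        external = not any(rec["remote_ip"] in net for net in INTERNAL)
        if (rec["process"].lower() in SHELLS
                and rec["direction"] == "outbound" and external):
            hits.append(rec)
    return hits

if __name__ == "__main__":
    for hit in suspicious_shell_connections(SAMPLE_LOG):
        print(f'{hit["process"]} (pid {hit["pid"]}) -> '
              f'{hit["remote_ip"]}:{hit["remote_port"]}')
```

A browser talking to the internet and a shell talking to an internal host are both left alone here; a real rule set would also need to cover shells connecting to unexpected internal hosts.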