The reverse shell

A much slimmer and simpler complement to the bind shell.  Come see my talk at Derbycon this Saturday 5:30pm at  and learn about how you (yes you) can put this to use in your pentests! This version does not have a built-in EBCDIC encoder/decoder like the bind shell below.   The client (or framework??) is responsible for… Continue reading The reverse shell

Mainframe Bind Shell – Source Code

Key in any basic toolset for pentesting the mainframe platform is a selection of payloads that can be used to test vulnerabilities. Below is a bind shell payload, written from scratch in mainframe assembler.  The shell can be connected to using netcat. The payload differs from its Intel counterparts, in that it contains its own EBCDIC to ASCII… Continue reading Mainframe Bind Shell – Source Code