Reverse TCP Shell is a simple reverse TCP backdoor.

Two files are provided:
— malicious Python code; run it on the victim side.
— can be packed into an “exe” file using pyinstaller and run on Windows without being detected by antivirus software (tested on Windows 8.1, not detected)
On Windows, run pyinstaller --noconsole --onefile to pack the malicious code into a Windows executable file.
+ listener.js
— simple listener written in JavaScript (Node.js)

How to attack:
+ On the attacker side, execute node listener.js to run the listener on the attacker’s machine.
+ Plant and execute on the victim machine (SE, camouflaging the py file as part of a package, etc.).

Why implement the reverse TCP attack in Python
We first tried Metasploit and used the windows/shell_reverse_tcp payload to generate the malicious exe file, and we also tried msfencode to encode the exe file. However, no matter how we encoded the malicious exe file, Windows Defender could always detect it. (It is interesting to find out that some third-party AV couldn’t detect our trojan.) After doing some research, we found out that Windows Defender will always load the program into memory first and then scan it, so encoding will never work.
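
From the defender's side, the two pyinstaller options named above leave recognisable traces: --onefile appends a PyInstaller archive with a fixed magic cookie to the executable, and --noconsole sets the PE subsystem to Windows GUI. The triage helper below is an added example, not part of the original project; its function names and the constructed_pe sample bytes are assumptions made for illustration.

```python
import struct

# Cookie that marks a PyInstaller CArchive; --onefile appends it to the EXE.
PYI_MAGIC = b"MEI\x0c\x0b\x0a\x0b\x0e"
SUBSYSTEM_GUI = 2  # IMAGE_SUBSYSTEM_WINDOWS_GUI, what --noconsole produces


def pe_subsystem(data: bytes):
    """Return the PE optional-header Subsystem value, or None if not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    # PE signature (4) + COFF header (20); Subsystem sits at offset 68 of the
    # optional header in both PE32 and PE32+.
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0" or e_lfanew + 94 > len(data):
        return None
    return struct.unpack_from("<H", data, e_lfanew + 24 + 68)[0]


def triage(data: bytes) -> dict:
    """Flag files that look like windowless PyInstaller one-file bundles."""
    subsystem = pe_subsystem(data)
    bundled = PYI_MAGIC in data
    windowless = subsystem == SUBSYSTEM_GUI
    return {
        "is_pe": subsystem is not None,
        "pyinstaller_archive": bundled,
        "windowless": windowless,
        "review": bundled and windowless,
    }


def constructed_pe(subsystem: int, trailer: bytes = b"") -> bytes:
    """Constructed sample: header bytes only, not a runnable program."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    opt = bytearray(96)
    struct.pack_into("<H", opt, 0, 0x20B)       # PE32+ magic
    struct.pack_into("<H", opt, 68, subsystem)  # Subsystem field
    return dos + b"PE\0\0" + b"\0" * 20 + bytes(opt) + trailer


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, triage(fh.read()))
```

Legitimate software is also shipped this way, so treat a review hit as a reason to look closer (signer, origin, outbound connections), not as a verdict.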

Reverse Code:

Listener Code:
