Rsh originated as part of the BSD Unix operating system, along with rcp, in the rlogin package on 4.2BSD in 1983. rsh has since been ported to other operating systems.
The rsh command has the same name as another common UNIX utility, the restricted shell, which first appeared in PWB/UNIX; in System V Release 4, the restricted shell is often located at /usr/bin/rsh.
As an example of rsh use, the following executes the command mkdir testdir as user remoteuser on the computer host.example.com running a UNIX-like system:
$ rsh -l remoteuser host.example.com "mkdir testdir"
After the command has finished, rsh terminates. If no command is specified, rsh will log in on the remote system using rlogin. The network location of the remote computer is looked up using the Domain Name System.
A remote shell session can be initiated by either a local device (which sends commands) or a remote device (on which commands are executed).[3] In the first case the remote shell is called a bind shell; in the second case, a reverse shell.[4]
A reverse shell can be used when the device on which the command is to be executed is not directly accessible, for example for remote maintenance of computers located behind NAT that cannot be accessed from the outside.[5][6] Some exploits create a reverse shell from an attacked device back to machines controlled by the attackers (called a "reverse shell attack"). The following code demonstrates a reverse shell attack:[7]
It opens a TCP socket to the attacker's IP address at port 80 as a file descriptor. It then repeatedly reads lines from the socket and runs each line, piping both stdout and stderr back to the socket. In other words, it gives the attacker a remote shell on the machine.
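The descriptor layout described above (a shell holding a TCP socket, with each command's stdout and stderr pointed at it) is what a host-based check can look for. The following is an added example, not code from the original article: the snapshot layout, the function names and the sample data are assumptions constructed for illustration, with descriptor targets written in the `socket:[inode]` form that `/proc/<pid>/fd` links use on Linux.

```python
import re

SHELLS = {"sh", "bash", "dash", "zsh", "ksh"}
SOCKET_LINK = re.compile(r"^socket:\[(\d+)\]$")  # readlink format of /proc/<pid>/fd/<n>

def socket_fds(fds):
    """Return {fd: inode} for the descriptors that are sockets."""
    found = {}
    for fd, target in fds.items():
        m = SOCKET_LINK.match(target)
        if m:
            found[fd] = int(m.group(1))
    return found

def find_socket_shells(procs, tcp, listening_ports):
    """Flag processes whose stdout and stderr share one TCP socket, and shells
    holding a TCP socket on any descriptor. A socket whose local port is a
    listening port is treated as accepted (bind shell); otherwise this host
    dialled out (reverse shell)."""
    findings = []
    for pid, proc in sorted(procs.items()):
        socks = socket_fds(proc["fds"])
        out = socks.get(1)
        stdio_on_tcp = out is not None and out == socks.get(2) and out in tcp
        held = [ino for ino in socks.values() if ino in tcp]
        if stdio_on_tcp:
            inode = out
        elif proc["comm"] in SHELLS and held:
            inode = held[0]
        else:
            continue
        local_port, remote = tcp[inode]
        kind = "bind" if local_port in listening_ports else "reverse"
        findings.append((pid, proc["comm"], kind, remote))
    return findings

# Constructed snapshot (not real telemetry); addresses are documentation ranges.
TTY = {0: "/dev/pts/0", 1: "/dev/pts/0", 2: "/dev/pts/0"}
PROCS = {
    100: {"comm": "bash", "fds": dict(TTY)},                        # interactive login
    200: {"comm": "bash", "fds": {**TTY, 5: "socket:[7001]"}},      # shell holding a socket
    201: {"comm": "ls", "fds": {0: "/dev/null", 1: "socket:[7001]", 2: "socket:[7001]"}},
    300: {"comm": "sh", "fds": {0: "socket:[7002]", 1: "socket:[7002]", 2: "socket:[7002]"}},
    400: {"comm": "curl", "fds": {**TTY, 3: "socket:[7003]"}},      # ordinary client
}
TCP = {7001: (51514, "203.0.113.10:80"),   # inode -> (local port, remote peer)
       7002: (514, "192.0.2.20:1022"),     # accepted on the rsh service port
       7003: (40222, "198.51.100.7:443")}

if __name__ == "__main__":
    for finding in find_socket_shells(PROCS, TCP, listening_ports={514}):
        print(finding)
```

The session on port 514 is reported as a bind shell because a legitimate rsh daemon also hands the accepted socket to the command as its standard streams, so findings of that kind need the listening service checked against what the host is expected to run.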