socat反向shell运行python脚本

Question

I am new to using socat and was wondering if this was even possible. So my scenario is I am working on my OSCP and have a machine that I can get a reverse shell back on, let's say port 8888. I am trying to keep from writing to disk on this windows xp machine. Is there anyway I can set the socat connection so when the machine connects back to me it will be able run my python enumeration script, collect the output, and write the output back to my local disk?

Thank you

Answer 1

Not sure about your scenario details, but socat has the EXEC address type:

       EXEC:<command-line>
          Forks  a  sub process that establishes communication with its parent process and invokes the specified program with execvp() .  <command-line> is a simple command with argu-
          ments separated by single spaces. If the program name contains a '/', the part after the last '/' is taken as ARGV[0]. If the program name is a relative path,  the  execvp()
          semantics  for  finding  the program via $PATH apply. After successful program start, socat writes data to stdin of the process and reads from its stdout using a UNIX domain
          socket generated by socketpair() per default. (example)
          Option groups: FD,SOCKET,EXEC,FORK,TERMIOS
          Useful options: path, fdin, fdout, chroot, su, su-d, nofork, pty, stderr, ctty, setsid, pipes, login, sigint, sigquit
          See also: SYSTEM

so in your case if I understand it, you would want to do something like:

socat TCP-LISTEN:8888 EXEC:/path/to/your/python/script