Getting a Fully Interactive TTY Shell

Method 1: Python TTY Module

python3 -c 'import pty;pty.spawn("/bin/bash")'

// Now press CTRL+Z to send the shell to the background

stty -a // get the rows and columns from the first line
stty raw -echo; fg // return to the shell; press Enter twice to get back in

// Run the commands below on the compromised machine

stty rows 26 cols 118 // based on the output of stty -a

export TERM=xterm
export TERM=xterm-256color // for colors
exec /bin/bash // I always do this, that's my methodology

// Now you should have a fully stable shell
stty -a command

Method 2: Using Script Binary (If it is installed on Target System)

which script // confirm whether script is installed
script /dev/null -c bash

// Now press CTRL+Z to send the shell to the background

stty raw -echo; fg // return to the shell; press Enter twice to get back in

export TERM=xterm

// Now you have a good TTY shell
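
The commands in Method 1 and Method 2 that run on the target host leave process-execution records. The script below is an added example, not part of the original page, that flags those command lines in a normalised log; the "timestamp user cmdline" record format, the service-account list and the sample records are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag process-execution records matching the TTY-upgrade
# commands that run on the target host. The record format
# "timestamp user cmdline" and the account list are assumptions.
# `stty raw -echo; fg` is absent: it runs on the operator's own terminal.

SERVICE_USERS="www-data nginx tomcat"   # assumed non-interactive accounts

# Constructed sample records, not real telemetry.
SAMPLE_LOG='2024-01-01T10:00:01 www-data python3 -c import pty;pty.spawn("/bin/bash")
2024-01-01T10:00:09 www-data script /dev/null -c bash
2024-01-01T10:00:15 www-data stty rows 26 cols 118
2024-01-01T10:02:00 alice python3 manage.py runserver
2024-01-01T10:03:00 bob script session.log
2024-01-01T10:04:00 www-data ls -la /var/www
2024-01-01T10:05:00 alice stty rows 50 cols 200'

# classify_line CMDLINE: print a rule name, or nothing when no rule matches.
classify_line() {
    case "$1" in
        *pty.spawn*)             echo "python-pty-spawn" ;;
        *script*/dev/null*-c*)   echo "script-devnull-shell" ;;
        *"stty rows "*" cols "*) echo "stty-resize" ;;
    esac
}

# severity_for USER: a service account driving a terminal is the strong signal.
severity_for() {
    case " $SERVICE_USERS " in
        *" $1 "*) echo "high" ;;
        *)        echo "info" ;;
    esac
}

# scan_log: read records on stdin, print "timestamp user rule severity" per hit.
scan_log() {
    while read -r ts user cmdline; do
        rule=$(classify_line "$cmdline")
        if [ -n "$rule" ]; then
            printf '%s %s %s %s\n' "$ts" "$user" "$rule" "$(severity_for "$user")"
        fi
    done
}

printf '%s\n' "$SAMPLE_LOG" | scan_log
```

A terminal resize by an interactive user is routine, which is why the same rule is reported as "info" for alice and "high" for www-data.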

pwncat-cs (Automated Way) Best One

We can use the pwncat listener to get a full TTY shell automatically:

pwncat-cs --listen -p 4444

It also has a file upload and download feature. Press CTRL+D to go to your local machine, and then upload and download files from the target machine to the local machine.

Penelope Listener (Automated Way)

We can use penelope instead of netcat to get an interactive reverse shell; it automatically upgrades our shell to a full TTY.

penelope 443  # Start a listener on port 443
