Merge pull request #187 from thibaudrobin/patch-2

Alternative TTY method with /usr/bin/script
2026-01-18 23:55:29 -08:00 · 2020-04-21 23:12:26 +02:00
parent eaac0e748e 2740600a6b
commit 735b0d2277
1 changed files with 13 additions and 0 deletions
--- a/Resources/Reverse
+++ b/Resources/Reverse
@@ -431,6 +431,19 @@ lua: os.execute('/bin/sh')
 - nmap: `!sh`
 - mysql: `! bash`

+Alternative TTY method
+
+```
+www-data@debian:/dev/shm$ su - user
+su: must be run from a terminal
+
+www-data@debian:/dev/shm$ /usr/bin/script -qc /bin/bash /dev/null
+www-data@debian:/dev/shm$ su - user
+Password: P4ssW0rD
+
+user@debian:~$ 
+```
+
 ## Fully interactive reverse shell on Windows
 The introduction of the Pseudo Console (ConPty) in Windows has improved so much the way Windows handles terminals.