a real human being writing about infosec, coding and other stuff. maybe.
23 May 2019 - mrtn
If I’ll ever forget it again, hopefully i’ll remember this post.
After getting a connection on your reverse shell, we do not have a fully interactive shell yet. This is especially obvious if you try to sudo
or something that requires a real terminal. We are confronted with the problem, that No TTY or askpass program is present
.
To solve that, we can upgrade our shell.
First, put your netcat session in the background with
ctrl + z
.
Get the number of rows and columns with
stty -a | head -n1 | cut -d ';' -f 2-3 | cut -b2- | sed 's/; /\n/'
To ignore hotkeys in the local shell and return to your reverse shell, enter
stty raw -echo; fg
For zsh users it is important to enter this in one line!
Configure your rows and columns
stty rows ROWS cols COLS
And then
export TERM=xterm-256color
All you need to do now, is reload your shell:
exec /bin/bash
Easier (if possible) is the classic python oneliner
python -c 'import pty;pty.spawn("/bin/bash");'