Spawn a TTY Shell

Written by Sajal Jain

There are several commands you can't run from a non-TTY shell. You typically end up with one after uploading a reverse shell to a web server: the resulting shell is created by the user www-data or a user with a similar name.
As a result, you cannot use su or sudo, for instance, without a TTY shell. This is frustrating if you have obtained a root password but are unable to use it.

Below are a few commands that can help you get an interactive TTY shell:

1.) python -c 'import pty; pty.spawn("/bin/sh")'

2.) echo os.system('/bin/bash')

3.) /bin/sh -i

4.) perl -e 'exec "/bin/sh";'

5.) perl: exec "/bin/sh";

6.) ruby: exec "/bin/sh"

7.) lua: os.execute('/bin/sh')

8.) (From within IRB) - exec "/bin/sh"

9.) (From within vi) - :!bash

10.) (From within vi) - :set shell=/bin/bash followed by :shell

11.) (From within nmap) - !sh

Source: netsec.ws
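
From the defender's side, the commands above leave recognizable process-execution traces when a web service account runs them. The following is an added example (not from the original post or netsec.ws) that flags them in constructed process events; the event fields, service-account names and parent-process names are assumptions.

```python
import re

# Assumptions (not from the page): event fields, service-account names, parent names.
SERVICE_USERS = {"www-data", "apache", "nginx"}
SHELLS = {"sh", "bash", "/bin/sh", "/bin/bash"}
# Programs from the list above that can start a shell from inside themselves.
ESCAPE_PARENTS = {"vi", "irb", "nmap", "perl", "ruby", "lua", "python"}

# Command-line fragments taken from the techniques listed on this page.
CMDLINE_PATTERNS = [
    re.compile(r"pty\.spawn\("),
    re.compile(r"os\.(system|execute)\(\s*['\"]/bin/(ba)?sh"),
    re.compile(r"\bexec\s+['\"]/bin/(ba)?sh"),
]

def classify(event):
    """Return a reason string if the event looks like a TTY upgrade, else None."""
    if event["user"] not in SERVICE_USERS:
        return None
    for pat in CMDLINE_PATTERNS:
        if pat.search(event["cmdline"]):
            return "cmdline matches " + pat.pattern
    argv = event["cmdline"].split()
    if argv and argv[0] in SHELLS:
        if "-i" in argv[1:]:
            return "interactive shell (-i) under service account"
        if event["parent"] in ESCAPE_PARENTS:
            return "shell started from inside " + event["parent"]
    return None

def detect(events):
    """Return (pid, reason) for every flagged event, in input order."""
    return [(ev["pid"], classify(ev)) for ev in events if classify(ev)]

# Constructed sample process-execution events (not real logs).
SAMPLE_EVENTS = [
    {"pid": 101, "user": "www-data", "parent": "apache2", "cmdline": "python -c 'import pty; pty.spawn(\"/bin/sh\")'"},
    {"pid": 102, "user": "www-data", "parent": "sh", "cmdline": "/bin/sh -i"},
    {"pid": 103, "user": "www-data", "parent": "apache2", "cmdline": "perl -e 'exec \"/bin/sh\";'"},
    {"pid": 104, "user": "www-data", "parent": "vi", "cmdline": "bash"},
    {"pid": 105, "user": "www-data", "parent": "apache2", "cmdline": "/usr/bin/php-cgi index.php"},
    {"pid": 106, "user": "alice", "parent": "sshd", "cmdline": "/bin/bash -i"},
    {"pid": 107, "user": "www-data", "parent": "cron", "cmdline": "/bin/sh -c /usr/local/bin/rotate.sh"},
]

if __name__ == "__main__":
    for pid, reason in detect(SAMPLE_EVENTS):
        print(pid, reason)
```

The cron-started `/bin/sh -c` job and the interactive shell of a regular user are deliberately left unflagged, since the rule keys on the service account combined with an interactive or escaped shell.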

This is purely for educational and informational purposes. Only use these techniques where allowed or where you have permission to do so.

Written by Sajal Jain
Cyber Security Enthusiast | OSCP | CEH | CHFI | CNSS | Master of IT Security & Master of IT Management
