Hello All, This is my first blog that explains how to stabilize the shell in Linux.
While playing CTF Challenges, it is often to spawn a reverse shell on the target machine. Other than the ssh shell, every shell is a dump which often kills the reverse shell and this shell doesn’t give you the proper shell functionalities like tab completion, “su” command, clearing the terminal, etc. Sometimes, pressing “ctrl+c” completely kills your reverse shell.
Shell Stabilization prevents you from killing your reverse shell and adds proper shell functionalities.
Note: This post assumes you already have a reverse shell on the target machine.
Commands to upgrade a TTY dump shells
Python3
python3 -c "import pty; pty.spawn('/bin/bash)"
(or)
python -c "import pty; pty.spawn('/bin/bash)"
Bash
/usr/bin/script -qc /bin/bash /dev/null
(or)
/bin/sh -i
Perl
perl —e 'exec "/bin/sh";'
(or)
perl: exec "/bin/sh";
Ruby
ruby: exec "/bin/sh"
Lua
lua: os.execute('/bin/sh')
Then press ctrl+z to background the process.
Run the following command in the attacker machine,
Attacker Machine
stty raw -echo
fg
ENTER
ENTER
Run “stty raw -echo” and “fg” commands on the attacker machine, then click double ENTER. The reverse shell will be retrieved.
Victim Machine
export TERM=xterm
stty cols 132 rows 34
Set the terminal environment to the variable (e.g. xterm, xterm-256, etc)
All Done! Now you should have a stabilized bash shell that can tab complete, clear the screen, and use Ctrl+C.