Tips & Tricks

Improving Windows PowerShell Reverse Shells For Up/Down Arrows

When you use Netcat to catch a PowerShell reverse shell, like Nishang, you’ll notice that you won’t have the ability to use up/down arrow keys. This could be a huge pain when you’re stuck in this type of shell. However, there is a tool that we can leverage that should improve your experience with these type of shells.

To begin, we’ll download and install the tool on our system.
sudo apt install rlwrap -y

Then we’ll set up a log file on our box that will give us the input/output logging.
script reverse.log

Now we can start our Netcat listener.
rlwrap nc -nvlp <listenPort>

Then we’ll issue our exploit to start our reverse shell. Now we should have arrow keys within our Netcat session!

Tips & Tricks

Upgrading Simple Shells to Interactive TTYs w/ Python

This is a quick and easy post, mainly for my own reference moving forward. It will showcase how to upgrade and improve your reverse shells so that they are more user friendly.

Once you have a reverse shell, start by running the command

python -c 'import pty;pty.spawn("/bin/bash")'

Now we’ll background the window with Ctrl + Z. We’ll be taken back to our Kali terminal window.

In the Kali terminal, type in stty raw -echo. It will appear like nothing happened, but then type in fg. Note: The text you type here will not display.

Press Enter. This will repopulate the command you ran to capture the shell, and then Enter a 2nd time. This will take you back to your reverse shell.

Now, you can run export TERM=xterm, which will allow you to do things like clear the screen.

Fixing Rows/Columns

If you need to run vi, you may find that your shell doesn’t display the editor correctly. For example, it may not fill out the entire terminal window (see image below).

To fix this, we’ll need to adjust the row and columns. From a new terminal window (on your local machine), run the following command.

stty -a

Make note of the returned rows and columns. Back in your shell, run the following command to configure the terminal with the correct number of rows/columns.

stty rows <insert> columns <insert>

Now running vi will work correctly.