Dav*_*rra 4 c shell reverse scp
我需要设置一个反向shell,以便连接到通过GPRS调制解调器连接到互联网的设备.
当特殊情况发生时,我在具有固定IP的公共服务器上启动此命令
nc -l 65535
那么我将使这个代码运行(现在我通过电缆直接连接到设备用于测试目的)(是的,在这种情况下,fork是无用的,但我将在最后的场景中需要它,所以我保持它)
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
int reverse_shell()
{
pid_t p = 0;
/* fork */
p = fork();
if (p == 0)
{
char *shell[2];
int i,fd;
struct sockaddr_in sin;
/* open socket */
fd = socket(AF_INET, SOCK_STREAM, 0);
sin.sin_family = AF_INET;
sin.sin_addr.s_addr = inet_addr("MY SERVER PUBLIC IP ADDRESS");
sin.sin_port = htons(65535);
/* connect! */
connect(fd, (struct sockaddr *)&sin,sizeof(struct sockaddr_in));
/* assign three first fd (input/output/err) to open socket */
for(i=0; i<3; i++)
dup2(fd, i);
/* build array */
shell[0] = "/bin/bash";
shell[1] = 0;
/* start the reverse shell */
if (execve(shell[0], shell, NULL) == -1)
printf("error\n");
exit(0);
}
return 0;
}
int main()
{
reverse_shell();
}
反向shell是设置但是,正如你所看到的,我没有提示,它看起来有点令人困惑.
[root@public-server tmp]# nc -lv 65535
Connection from yyy.yyy.yyy.yyy port 65535 [tcp/*] accepted
cd /etc
ls *hosts*
hosts
hosts.allow
hosts.deny
另外,我需要使用scp但是消息不断出现在设备提示符上而不是在反向连接的服务器上
反向连接服务器:
[root@public-server tmp]# nc -lv 65535
Connection from yyy.yyy.yyy.yyy port 65535 [tcp/*] accepted
ls /etc/hosts
/etc/hosts
scp /etc/hosts xxx.xxx.xxx.xxx:/tmp/
Host key verification failed.
lost connection
设备提示:
root@device:/tmp# ./a.out
root@device:/tmp# The authenticity of host 'xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)' can't be established.
RSA key fingerprint is aa:e6:aa:1d:aa:a5:c2:fd:aa:4c:4f:e7:aa:34:aa:78.
Are you sure you want to continue connecting (yes/no)?
我该怎么做才能解决这个问题并获得稳定可用的反向外壳?