Reverse shell. Extrange characters when pressing ESC, arrow, etc. '^[[A'

mfvazquezrmfvazquezr
edited November 2020 in Tools

Hi guys,

I realised that I have a problem when I am working on a reverse shell. Some keys are not working as expected and are sending extrange characters to the shell instead of their usual behaviour in a usual terminal on Linux. This is only happening on reverse shells.

https://i.ibb.co/LrksyR4/Captura.jpg

For example. When I press [UP ARROW] it writes ^[[A on the terminal.

OS: Kali Linux
Terminal: Native Linux terminal.

I googled for it but nothing.

Why is this happening?

Thank you very much!

Hack The Box

Tagged:

Comments

  • clubby789clubby789

    https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/
    The simple explanation is normally, when you press up, your shell captures that keystroke and does the appropriate action. In a reverse shell, NC is set to (for whatever reason) send that escape sequence when you press up.

    clubby789

    • GCIH | GCIA
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • acidbatacidbat

    Type your comment> @clubby789 said:

    https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/
    The simple explanation is normally, when you press up, your shell captures that keystroke and does the appropriate action. In a reverse shell, NC is set to (for whatever reason) send that escape sequence when you press up.

    Yeah, I have always been a fan of:
    python -c 'import pty; pty.spawn("/bin/bash")'
    or
    python3 -c 'import pty; pty.spawn("/bin/bash")'

    :)

    Always happy to help others. 100% human

    https://www.mindfueldaily.com/livewell/thank-you/

  • mfvazquezrmfvazquezr

    Thank you very much! I supposed it could be something related to that.

    Hack The Box

  • TazWakeTazWake

    @mfvazquezr said:

    Thank you very much! I supposed it could be something related to that.

    I am 99.99999999999% confident it is this.

    If it wasn't, it wouldn't only happen on reverse shells.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

    Currently have very limited HTB time but will try to respond as quickly as possible.

  • mRNAmRNA

    rlwrap nc -lvnp 7777 (or whichever port you like)

    adds a little bit comfort to your netcat reverse shell.

    python ... spawn ... is great, but if there is no python on client's machine, upload a static socat binary and establishe a socat shell, google for ropnop socat upgrade if you need more details.

  • LMAY75LMAY75

    That's just how 'dumb' rev shells work. If you want a fully interactive shell you're gonna have to upgrade it with:

    python -c 'import pty; pty.spawn("/bin/bash")'

    or

    python3 -c 'import pty; pty.spawn("/bin/bash")'

    And then the standard:

    Ctl+Z
stty raw -echo
fg
reset
xterm-256color
export $TERM=xterm
export $SHELL=bash

    and then set the correct terminal dimensions

    LMAY75
    Always happy to help, DM me if you need anything!
    Link to Profile

Sign In to comment.