Stopping processes (e.g. find, grep, python http server) without exiting a reverse shell

EDIT:
The fact I am using zsh turned out to be important, and thanks to the comments here I found a fix.
- catch the reverse-shell and upgrade using python pty module
- Ctrl-Z to background the shell
- In Kali (or whatever), do these two commands inline:
  - stty raw -echo; fg
  - Inlining these cmds seems to be necessary with zsh
- type ‘reset’ into the now foregrounded reverse-shell (in my case what I type is not visible at this point, but is being processed), and press enter
- Voila! This gets me my fully functional TTY (and hopefully anyone else who happens to have this problem)

Original post:
I have a reverse-shell, usually upgraded to a tty with Python’s pty module etc, and frequently I’m two shells deep (i.e. caught a www-data shell, and then maybe ssh’d into localhost as another user). I run something that blocks the shell (e.g. a grep or find command that I then find is taking way too long, or a simple python http server that I want to stop). I press Ctrl-C, the usual way I would stop a process in my terminal, and get promptly kicked all the way back to my normal terminal.

This is quite frustrating, as frequently, getting back to where I was involves quite a few steps, which can become exceedingly tedious to redo over and over again.

Does anyone know of a way to avoid or automate this repetition? I can’t see a way to script such things, and haven’t come across an alternative to Ctrl-C.

One thing I have tried is running find or grep commands in the background with ‘&’. But this seems very unstable and the process will exit after hitting enter a couple times in the shell.

You can set the terminal settings to pass Ctrl-C to the reverse shell. Here is the process, once you have an upgraded tty:

1. Ctrl-Z
2. stty raw -echo
3. fg
4. Press enter a couple of times if you need to bring the reverse shell process to foreground.

Hope it helps.

@tang0 Thanks for the reply. I’ve seen ippsec do this, and when I try ‘stty raw -echo’ in the terminal, then foreground the reverse-shell again, it’s always unusable. But I’m not using the default kali terminal-emulator, so it might be that. I did not know it should fix my issue though, so I’ll get it working. Thanks!

@tang0 It’s weird, for some reason when I foreground after doing ‘stty raw -echo’, pressing enter just produces ‘^M’ in the shell. I tried two different terminal-emulators. I’ll have to look into this! Thanks again

@d4gd4 said:

@tang0 It’s weird, for some reason when I foreground after doing ‘stty raw -echo’, pressing enter just produces ‘^M’ in the shell. I tried two different terminal-emulators. I’ll have to look into this! Thanks again

After you foreground it typing reset often helps.

Personally, however, I find all the shell upgrades inconsistently effective. Most of the time I just endure whatever ■■■■ shell I have until I can do something like grab/write SSH keys :smile:

@TazWake Unfortunately, in my case, no commands can be entered after foregrounding, due to the Enter btn simply outputting ‘^M’ to the screen. But I will put this one in my back pocket, I’ve never seen the reset cmd before. Thanks!

I think since my weird terminal problem with ‘stty raw -echo’ is a different issue I should raise elsewhere, I consider my initial question answered. Thanks @tang0 and @TazWake

So there are some things to consider - not least stty raw -echo prevents you seeing commands echoed back to the screen, so you just fg and hope.

This is useful reading: Upgrading Simple Shells to Fully Interactive TTYs - ropnop blog

@TazWake Many thanks for that article, great info. I love this stuff!

@d4gd4 said:
@TazWake Unfortunately, in my case, no commands can be entered after foregrounding, due to the Enter btn simply outputting ‘^M’ to the screen. But I will put this one in my back pocket, I’ve never seen the reset cmd before. Thanks!

Are you using zsh? If so, issuing fg in the same line like
stty raw -echo; fg
will do the trick.

And when you have this fully upgraded shell, Control-C just works fine.

@QTranspose Wow, this worked! Thanks so much, I had tried everything, with no joy. I do indeed use zsh. How did you come by this fix?

So, combining suggestions from all three of you fixed my issue. I didn’t think to mention I was using zsh, I’m just so used to it now. Using the method suggested by @tang0, but inline as ‘stty raw -echo; fg’ as @QTranspose suggested, plus @TazWake’s tip of issuing the ‘reset’ command after foregrounding the nc shell, got me a fully functional TTY. I’m visibly excited by this, I’ll have you all know. Fantastic!

zsh resets the terminal whenever it gets control (i.e. when a command finishes and returns to the prompt). So, for the changes made by stty command to take effect, we have to fg before they get reset.

@QTranspose Good to know, thanks

@d4gd4 said:

So, combining suggestions from all three of you fixed my issue. I didn’t think to mention I was using zsh, I’m just so used to it now. Using the method suggested by @tang0, but inline as ‘stty raw -echo; fg’ as @QTranspose suggested, plus @TazWake’s tip of issuing the ‘reset’ command after foregrounding the nc shell, got me a fully functional TTY. I’m visibly excited by this, I’ll have you all know. Fantastic!

I never needed to reset the upgraded tty until I got out of the reverse shell back to my own terminal. But then again I use bash so the behavior is probably different from zsh.

@tang0 said:

I never needed to reset the upgraded tty until I got out of the reverse shell back to my own terminal. But then again I use bash so the behavior is probably different from zsh.

Yes, it appears all messed up for me until I reset

You need to do it in one line!

stty raw -echo; fg
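
Added example, not part of any post in this thread: what `stty raw -echo` changes in the local terminal's line discipline, which is why Ctrl-C stops ending the local session. It uses a pty pair as a constructed stand-in for the terminal and Python's `tty.setraw` in place of `stty raw -echo`; the function names are illustrative.

```python
import os
import pty
import termios
import tty


def mode_flags(fd):
    """Return the termios flags that `stty raw -echo` turns off."""
    iflag, _oflag, _cflag, lflag = termios.tcgetattr(fd)[:4]
    return {
        "ISIG": bool(lflag & termios.ISIG),      # Ctrl-C (0x03) raises SIGINT locally
        "ICANON": bool(lflag & termios.ICANON),  # input is line-buffered and editable
        "ECHO": bool(lflag & termios.ECHO),      # typed keys are echoed by the local tty
        "ICRNL": bool(iflag & termios.ICRNL),    # Enter (\r) is translated to \n
    }


def type_keys(master, slave, keys):
    """Write keystrokes on the master side; return what a reader of the tty receives."""
    os.write(master, keys)
    got = b""
    while len(got) < len(keys):
        got += os.read(slave, 64)
    return got


def demo():
    master, slave = pty.openpty()  # constructed stand-in for the local terminal
    try:
        cooked = mode_flags(slave)
        cooked_line = type_keys(master, slave, b"id\r")
        # Assumption: tty.setraw stands in for `stty raw -echo`; TCSANOW applies it at once.
        tty.setraw(slave, termios.TCSANOW)
        raw = mode_flags(slave)
        # With ISIG off, 0x03 is ordinary data; with ICRNL off, Enter stays \r (^M).
        raw_bytes = type_keys(master, slave, b"\x03\r")
        return cooked, cooked_line, raw, raw_bytes
    finally:
        os.close(master)
        os.close(slave)


if __name__ == "__main__":
    for item in demo():
        print(item)
```

In the default mode the local tty acts on Ctrl-C itself and signals the foreground job (the listener); in raw mode the same keystroke is just a byte that travels to the remote pty, whose own line discipline turns it into SIGINT for the remote process.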