Restricted Shell / SSH
If the reverse shell is not working:
Try changing the port to 443 or 80.
Try checking for characters that break the reverse shell.
Evading Badchars in a reverse shell (HTB Sense)
echo abc
echo abc/
echo abc -
Check env variables -> env
HOME=/
echo ${HOME}/home
Optional (using ASCII to evade badchars)
printf "\55" -> -
Restricted reverse shell:
To disable profiling in /etc/profile and ~/.profile:
locate ifconfig
/sbin/ifconfig
nice /bin/bash
SSH:
Bypass restricted shell using: (dipak.pdf)
export PATH=/bin/:/sbin/:/usr/bin/:$PATH
payload = "python -c 'import pty;pty.spawn(\"/bin/bash\")'"
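A defender's view of the techniques above, as an added example that is not part of the original notes: a small Python scanner that flags these command patterns in shell command logs from restricted accounts and decodes printf octal escapes so the hidden character is visible. The log format (user, tab, command line), the rule names and the sample lines are constructed for illustration.

```python
import re

# Rule names are labels made up for this example; each pattern matches one
# technique that appears in the notes above. Tune them for restricted accounts,
# where none of these commands is expected in normal use.
RULES = [
    ("pty_spawn", re.compile(r"pty\.spawn\(")),
    ("path_override", re.compile(r"\bexport\s+PATH=")),
    ("nice_shell", re.compile(r"\bnice\s+(?:/\S*/)?(?:ba|da|z|k)?sh\b")),
    ("printf_octal", re.compile(r"\bprintf\s+[\"']?(?:\\[0-7]{1,3})+")),
]
OCTAL = re.compile(r"\\([0-7]{1,3})")

def decode_octal(cmd):
    """Replace printf-style octal escapes (e.g. \\55) with the character they encode."""
    return OCTAL.sub(lambda m: chr(int(m.group(1), 8)), cmd)

def scan(lines):
    """Return (user, rule, command) for every rule that matches a log line."""
    hits = []
    for line in lines:
        user, _, cmd = line.partition("\t")
        for name, pattern in RULES:
            if pattern.search(cmd):
                hits.append((user, name, cmd))
    return hits

# Constructed sample log: "<user>\t<command line>".
SAMPLE = [
    "www\tpython -c 'import pty;pty.spawn(\"/bin/bash\")'",
    "guest\texport PATH=/bin/:/sbin/:/usr/bin/:$PATH",
    "guest\tnice /bin/bash",
    "www\tprintf \"\\55\"",
    "admin\tls -la /var/log",
    "admin\tnice -n 10 tar czf backup.tgz /srv",
]

if __name__ == "__main__":
    for user, rule, cmd in scan(SAMPLE):
        print(f"{rule:14} {user:6} {cmd}  (decoded: {decode_octal(cmd)})")
```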