Fixing a raw shell with Python and stty
I've seen the python pty trick in a few places, first when taking OSCP labs. However, if you've noticed there's still some problems. 2 years ago at HackFest @r00k did a presentation where he improved the quality of the shell dramatically. Last year at HackFest, @jeffmcjunkin posted further improvements. All credit goes to them, and the excerpt below comes directly from Jeff McJunkin's SEC560 notes.
Update 18/Jul/2018: It looks like a very similar (if not exactly the same) technique is used in the following video, for those of you that want to see it in action. https://youtu.be/5Hj_FkqU0Xc?t=26m15s
Note that after entering the stty raw -echo
, you're not going to see the fg get typed, and your terminal is going to be awful wonkey.
Gaining a comfortable shell with a TTY after gaining a netcat shell:
python -c 'import pty; pty.spawn("/bin/bash")'
Background the shell by pressing Ctrl-Z
(on your local terminal) echo $TERM
(on your local terminal) stty -a | head -n1
(on your local terminal) stty raw -echo
(on your local terminal) fg
export HOME=/your/home/directory
export SHELL=/bin/bash
export TERM=(whatever output you got from “echo $TERM” above)
stty rows X columns Y (using the output from “stty -a | head -n1” above)
echo $TERM
should return xterm-256color
on Kali.
The short of the commands listed below, with the exception of possibly the HOME and the X and Y rows.
python -c 'import pty; pty.spawn("/bin/bash")'
CTRL-Z
stty -a | head -n1
stty raw -echo
fg
export HOME=/root
export SHELL=/bin/bash
export TERM=xterm-256color
stty rows X columns Y
Enjoy your tab complete, vim, and everything else!