Reverse shells are really fun to play with, especially if you have something like a Rubber Ducky or a Bash Bunny. That lets you walk up to an unsecured laptop (that you have legitimate access to, of course) and snag a shell.

The netcat command is now executed when a user logs in, but we currently don't have access to the port remotely. We will fix this by opening port 4445 in the Windows firewall. With the following command, we add a rule to allow any inbound TCP traffic to port 4445. (Strictly speaking, with netcat listening on the laptop and us connecting in to it, this is a bind shell rather than a reverse shell; the reverse case, where the laptop calls out to us, is the one discussed next.)

What's so scary about this? Well, netcat can be listening on any port, and in the example it listened on port 80. To a firewall that filters on ports, the connection and all the traffic flowing through that pipe is going to look like regular HTTP traffic, and if that port is open on one of your hosts (as it usually is) then a port-based firewall isn't going to stop a reverse shell from owning you. Only a proxy or inspection device that actually parses HTTP would notice that a raw shell session on port 80 is not HTTP. Nor does a firewall stop a machine inside your perimeter that has access to the internet, **cough**cough laptops, from calling out on the allowed port and then pivoting to anything reachable on the internal LAN.

More on Using Bash's Built-in /dev/tcp File (TCP/IP) If you saw yesterday's Tech Tip and were looking for more on using TCP/IP with bash's built-in /dev/tcp device file…
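The post refers to the firewall command without reproducing it here. As an added example (not the post's own command), this is how the port 4445 rule is added with the Windows NetSecurity cmdlets, verified, and, for whoever has to clean up afterwards, audited and removed. The rule name nc-4445 and the choice of -Profile Any are assumptions; the port follows the post.

```powershell
# Added example, not the blog post's own command. Run from an elevated prompt.
# Opens TCP 4445 inbound so a netcat listener launched at logon is reachable
# from another machine. Rule name "nc-4445" and "-Profile Any" are assumptions.

# Equivalent netsh form, for hosts without the NetSecurity module:
#   netsh advfirewall firewall add rule name="nc-4445" dir=in action=allow protocol=TCP localport=4445

New-NetFirewallRule -DisplayName "nc-4445" `
    -Direction Inbound -Protocol TCP -LocalPort 4445 `
    -Action Allow -Profile Any

# Verify the rule exists and carries the port filter we expect.
Get-NetFirewallRule -DisplayName "nc-4445" | Get-NetFirewallPortFilter

# Confirm something is actually listening on 4445 once netcat has started;
# an allow rule with no listener behind it gives you nothing.
Get-NetTCPConnection -State Listen -LocalPort 4445 -ErrorAction SilentlyContinue

# Defender's view: list every enabled inbound TCP allow rule that accepts
# connections from any remote address. Compare against a known-good baseline;
# a rule like "nc-4445" has no business on a normal workstation.
Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    ForEach-Object {
        $portFilter = $_ | Get-NetFirewallPortFilter
        $addrFilter = $_ | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            Rule       = $_.DisplayName
            Profile    = $_.Profile
            Protocol   = $portFilter.Protocol
            LocalPort  = ($portFilter.LocalPort -join ',')
            RemoteAddr = ($addrFilter.RemoteAddress -join ',')
        }
    } |
    Where-Object { $_.Protocol -eq 'TCP' -and $_.RemoteAddr -eq 'Any' } |
    Sort-Object LocalPort |
    Format-Table -AutoSize

# Remove the rule when the exercise is over.
Remove-NetFirewallRule -DisplayName "nc-4445"
```

The audit loop is the part worth keeping: a newly added inbound allow rule is one of the few artifacts this technique leaves behind, and it survives reboots, so listing inbound TCP allow rules open to any remote address and diffing the result against a baseline image catches it even after the netcat process itself is gone.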