Shells
Forward Shell
You might find cases where you have a RCE in a web app in a, Linux machine but due to Iptables rules or other kind of filtering you cannot get a reverse shell. This "shell" allows you to maintain a PTY shell through that RCE using pipes inside the victim system. You can find the code inYou just need to modify: https://github.com/IppSec/forward-shell
The URL of the vulnerable host
The prefix and suffix of your payload (if any)
The way the payload is sent (headers? data? extra info?)
Then, you can just send commands or even use the upgrade
command to get a full PTY (note that pipes are read and written with an approximate 1.3s delay).
Last updated