Fully (auto) interactive TTY shells
Introduction During penetration tests or red teaming exercises, one of the most recurring tasks is gaining an remote shell, whether it be a bind or a reverse one. Once some kind of injection command vulnerability is exploited, for instance, using one of the widely tested snippets is enough to get a reverse shell on the attacker’s machine.
Usually the received shell is a non-interactive one, which precludes the execution of processes that demand a higher level of terminal control, such as visual text editors and programs that deal with login information, for instance.
Read more...