TTY SHELL FROM ONE LINE OF PHP CODE

we all know how important to gain tty ( teletype terminal ) shell during a penetration testing.

i had a scenario where the vulnerable webdav server is installed in virtualization environment and no routing enabled from the victim box to the outside network or lets say there is outbound firewall and reverse connection denied !!

i was able to upload php shell of oneline using webdav credentials.

the python code below will take a request command and pipe it and receive the response again in threaded mode

python3

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store