Yancey Wang edited this page Oct 28, 2022 · 9 revisions


This article describes how to upgrade a dumb (reverse) shell into a fully functional interactive shell.

Here a dumb shell means a shell that lets you run commands but lacks many features, e.g. Ctrl-C to kill a process, TAB completion, and coloured ls output.

Here upgrade means making those missing features work. You can think of the upgrade as a "bootstrap": you get a dumb shell first, then bootstrap into a more powerful shell.


This article assumes you are using the reverse shell in PR (but the technique mentioned in this PR is actually generally applicable; you can use it in other places as well).

Assume you have already got a dumb shell by running nc -l 5003, and that nc -l 5003 is running on a Linux or macOS machine.

Upgrade your shell

"upgrade your shell" consists of 3 steps:

  1. find out some numbers
  2. run commands inside the shell
  3. run commands locally to fix your tty

find out some numbers

In this step you only need to run:

stty size

and remember the two numbers.

example: (screenshot of the stty size output)

run commands inside the shell

For Windows GHA runners


IEX(IWR -UseBasicParsing); Invoke-ConPtyShell -Upgrade -Rows 49 -Cols 160; Invoke-ConPtyShell -Upgrade -Rows 49 -Cols 160;

(replace 49 and 160 with the two numbers from stty size)

For Linux/macOS GHA runners


export TERM=xterm
python -c 'import pty;pty.spawn("/bin/bash")'
stty rows 49 cols 160   # replace 49 and 160 with the two numbers from stty size

run commands locally to fix your tty

First, press Ctrl-Z to suspend the running nc, then run:

stty raw -echo; fg

After you have finished using your shell, you may need to run reset to recover your tty.
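As an added defender-side example (not part of this wiki or the project's code), the following Python scans constructed process-execution records for the indicators this recipe leaves behind (pty.spawn, stty rows/cols and Invoke-ConPtyShell -Upgrade) and confirms a completed upgrade by walking the parent-pid chain from the stty resize back to a pty.spawn ancestor. The record shape, host names and pids are assumptions made up for the example.

```python
import re
from typing import Dict, List

# Constructed sample process-exec records (not real telemetry), one per exec,
# in the shape an endpoint agent or auditd-based pipeline might emit.
SAMPLE_EVENTS = [
    {"host": "runner-1", "pid": 4101, "ppid": 4100, "cmd": "/bin/sh"},
    {"host": "runner-1", "pid": 4102, "ppid": 4101, "cmd": 'python -c import pty;pty.spawn("/bin/bash")'},
    {"host": "runner-1", "pid": 4103, "ppid": 4102, "cmd": "/bin/bash"},
    {"host": "runner-1", "pid": 4104, "ppid": 4103, "cmd": "stty rows 49 cols 160"},
    {"host": "runner-2", "pid": 7001, "ppid": 7000, "cmd": "powershell -c Invoke-ConPtyShell -Upgrade -Rows 49 -Cols 160"},
    {"host": "build-3", "pid": 900, "ppid": 1, "cmd": "python -c print(1+1)"},
    {"host": "build-3", "pid": 901, "ppid": 1, "cmd": "stty size"},
]

# Indicators from the recipe above, name -> (pattern, weight). 'stty rows N
# cols M' alone is weak (terminal tools run it too), so it scores 1 by itself
# and only becomes a confirming step when a pty.spawn is among its ancestors.
RULES = {
    "pty_spawn": (re.compile(r"import\s+pty|pty\.spawn\("), 3),
    "conpty_upgrade": (re.compile(r"Invoke-ConPtyShell\s+-Upgrade", re.I), 3),
    "stty_resize": (re.compile(r"\bstty\s+rows\s+\d+\s+cols\s+\d+"), 1),
}

def match_rules(cmd: str) -> List[str]:
    """Names of every indicator rule that matches one command line."""
    return [name for name, (rx, _) in RULES.items() if rx.search(cmd)]

def analyze(events: List[Dict]) -> Dict[str, Dict]:
    """Score each host and flag a completed spawn->resize chain via the ppid tree."""
    by_pid = {(e["host"], e["pid"]): e for e in events}
    report: Dict[str, Dict] = {}
    for e in events:
        hits = match_rules(e["cmd"])
        if not hits:
            continue
        entry = report.setdefault(e["host"], {"score": 0, "rules": set(), "chain": False})
        entry["score"] += sum(RULES[h][1] for h in hits)
        entry["rules"].update(hits)
        if "stty_resize" in hits:
            # Walk up the parent chain; a pty.spawn ancestor means the full recipe ran.
            cur = by_pid.get((e["host"], e["ppid"]))
            while cur is not None:
                if "pty_spawn" in match_rules(cur["cmd"]):
                    entry["chain"], entry["score"] = True, entry["score"] + 3
                    break
                cur = by_pid.get((cur["host"], cur["ppid"]))
    return report
```

Hosts with a confirmed chain (runner-1 here) are the ones worth paging on; a lone stty resize or TERM export on a build host is normal terminal activity.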
