[Full-disclosure] Reverse Shell Without Enabling Netcat's "GAPING_SECURITY_HOLE"

[Kurt Buff]

On Fri, Sep 19, 2008 at 3:01 PM, 545945 <545945 at gmail.com> wrote:
>      Recently a friend of mine asked me a seemingly simple question.  What
> is the easiest method to get a reverse shell from a *nix based system using
> Netcat.  He then added a caveat, that he did not want worry about
> recompiling the source to enable the "GAPING_SECURITY_HOLE" option that
> allows you to bind a shell using "-e".  My first thought was to say "Dude go
> check Google and stop bothering me with this piddly shit", however I have in
> the past had this same discussion with others and trying to construct a
> Google search string and get meaningful results on this subject can prove
> very irritating.  Because of this I gave in and told him the method I use
> which is laid out below.  I then had the thought that I should post it
> somewhere else so it was a little easier for the next person to find.  I say
> "somewhere else" because I can only assume that I am not the first person to
> post this method.

<snip>

Or you could just grab cryptcat and be done with it, if I understand
what you're after.