How to Escape Restricted Shell Environments on Linux

The moment arrives when you finally pop a shell on the web server you've been working on, only you find yourself in a strange environment with limited functionality. Restricted shells are often used as an additional line of defense and can be frustrating for an attacker to stumble upon. But with enough patience and persistence, it is possible to escape these restricted environments.


What Are Restricted Shells?


Restricted shells are simply shells with restricted permissions, features, or commands. They are primarily used to ensure that users can perform the minimum operations necessary for daily function in a secure, contained environment. Administrators might also use them to make sure they don't enter any dangerous commands accidentally. Sometimes, these restricted shells might even be put in place to dissuade hackers.


The most common types of restricted shells are just normal shells with certain limitations in place, such as rbash, rksh, and rzsh. Other types can be configured more to suit certain needs and tighten restrictions, like lshell and rssh.


Environment Recon


The first step to escaping restricted shells is gathering information about the environment. Some of the most basic commands to initially try out are ls, cd, pwd, and echo. Most of the time, if these commands are restricted, an ..

Support the originator by clicking the read the rest link below.