Shell Upgrades Fix for Carriage Return M^ M^

Shell Upgrades Fix for Carriage Return M^ M^

If you're attempting to upgrade your reverse shells using the python pty trick, following about any guide you can get your hands on, but you also happen to be using an updated version of Kali, particularly one where your default terminal is set to ZSH, - you might ... have issues. I fought this battle for a few days and finally found a solution - though I'm not entirely sure what the root cause of the issue is.

For me, instead of having tab completion, ability to use arrows for navigation, and stability - I just kept getting random characters and enter wouldn't work. Instead of a carriage return I got: M^ M^

In ASCII and Unicode, the carriage return is defined as 13 (or hexadecimal 0D); it may also be seen as control+M or ^M. In the C programming language, and many other languages (including regular expression) influenced by it.

TLDR - open a new terminal window and change over to bash. Notice that I'm utilizing bash, but my default shell is still set to ZSH.

Next - take note of your TERM, cols, rows

Start  your reverse shell, like normal

Spawning a RevShell via a python exploit, masked for your protection ;) 

Reverse Shell comes as expected

Now lets upgrade with Python

python -c 'import pty; pty.spawn("/bin/bash")'
pty spawn shell upgrade 

Perfect, but still no command completion and what not. Background your shell,

CTRL + z
stty raw -echo
FG (enter enter) 

That should fix things for you. While using ZSH and tmux - I noticed I could never get a carriage return to work unless I held SHIFT and pressed enter at the same time. This workaround, a downgrade really, fixes that.

If things go wonky, both in your attack machine or the victim: just run

reset

I hope this helps someone.

Update - the process listed below works to stabilize a shell in ZSH.

python3 -c 'import pty; pty.spawn("/bin/bash")'
CTRL + Z
stty raw -echo; fg
export TERM=xterm-256color

Additional reading

Upgrading Simple Shells to Fully Interactive TTYs
Catching a reverse shell over netcat is great…until you accidentally Ctrl-C and lose it. These techniques let you upgrade your shell to a proper TTY
Pimp My Shell — 5 Ways to Upgrade a Netcat Shell
As excited as I initially am whenever I catch a reverse shell with netcat, my enthusiasm quickly diminishes when I remember how terribly limited these shells tend to be. So I’ve decided to compile a…