Windows cmd commands not working over netcat (or other reverse shells)

I am learning some pentesting techniques and running into trouble with reverse shells.

Some of the Windows cmd commands I try to run do not run over my netcat session (or an msfvenom-generated reverse shell exe). I run a command directly in cmd.exe on my victim VM (example command: klist) and it runs just fine. I get the expected output. In the very same cmd.exe prompt, I open a reverse shell via netcat to my Kali box. I run the same command and get the output “‘klist’ is not recognized as an internal or external command…”.

This happens with multiple commands, but another example is the “reg query” command. I use it to query a registry entry and, as expected, it returns the key value when I run the command directly on the Windows VM. When I run it over netcat, I can see it start to run the command (it prints the command on the next line like it does with other cmd commands), it prints a few blank lines, but no registry information. The weird part is the command works over netcat for other registry keys, but specific ones do not return any output at all. Other keys return partial information; for instance, it will print the key name, but not the value. Again, when I run the same command directly on the VM, it returns both key name and key value.

I checked the PATH variable; it is the same on the VM and when I print it over netcat. I am running both the Windows VM and the Kali VM on VMware Workstation Pro 16.

TL;DR: I run a cmd command on Windows and get the correct output. I run the same command over netcat (as the same user) and get no/incomplete output or an error saying the program does not exist.