Saverr/pwncat
1
0
Fork 0
mirror of https://github.com/calebstewart/pwncat.git synced 2024-11-24 01:25:37 +01:00
Code Projects Releases Wiki Activity

Merge branch 'master' of github.com:calebstewart/pwncat

Browse Source
This commit is contained in:
Caleb Stewart 2020-05-10 00:39:21 -04:00
commit 09b9857698
1 changed files with 34 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
pwncat/pty.py
View File

@ -24,6 +24,7 @@ import enum
import shlex
import sys
import os
import re
from pwncat import util
from pwncat import downloader, uploader, privesc
@ -790,6 +791,7 @@ class PtyHandler:
""" Reset the remote terminal (calls sync, reset, and sets PS1) """
self.reset()
self.do_sync([])
print(self.id())
def run(self, cmd, wait=True, input: bytes = b"") -> bytes:
""" Run a command in the context of the remote host and return the
@ -891,6 +893,7 @@ class PtyHandler:
# Enter raw mode w/ no echo on the remote terminal
# DANGER
self.raw(echo=False)
self.run("echo") # restabilize the shell to get output
self.client.sendall(command + b"\n")
self.recvuntil(sdelim)
@ -979,6 +982,37 @@ class PtyHandler:
result = self.run("whoami")
return result.strip().decode("utf-8")
@property
def id(self):
id_output = self.run("id")
pieces = id_output.split(" ").decode("utf-8")
props = {}
for p in pieces:
segments = p.split("=")
props[segments[0]] = segments[1]
id_properties = {}
for key, value in props.items():
if key == "groups":
groups = []
for group in value.split(","):
p = group.split("(")
groups.append({"id": int(p[0]), "name": p[1].split(")")[0]})
id_properties["groups"] = groups
else:
p = value.split("(")
id_properties[key] = {"id": int(p[0]), "name": p[1].split(")")[0]}
if "euid" not in id_properties:
id_properties["euid"] = id_properties["uid"]
if "egid" not in id_properties:
id_properties["egid"] = id_properties["gid"]
return id_properties
def reload_users(self):
""" Clear user cache and reload it """
self.known_users = None