mirror of
https://github.com/calebstewart/pwncat.git
synced 2024-11-27 19:04:15 +01:00
Merge pull request #196 from calebstewart/gtfobins-restrict-streams
Forced Stream.RAW for gtfobins interactions
This commit is contained in:
commit
676abe04d7
@ -18,6 +18,7 @@ and simply didn't have the time to go back and retroactively create one.
|
||||
- Fixed docstrings in `Command` modules
|
||||
- Changed docker base image to `python3.9-alpine` to fix python version issues.
|
||||
- Added logic for calling correct paramiko method when reloading an encrypted SSH privat ekey ([#185](https://github.com/calebstewart/issues/185)).
|
||||
- Forced `Stream.RAW` for all GTFOBins interaction ([#195](https://github.com/calebstewart/issues/195)).
|
||||
### Added
|
||||
- Added alternatives to `bash` to be used during _shell upgrade_ for a _better shell_
|
||||
- Added a warning message when a `KeyboardInterrupt` is caught
|
||||
|
@ -5,6 +5,7 @@ import rich.markup
|
||||
|
||||
import pwncat
|
||||
from pwncat.db import Fact
|
||||
from pwncat.gtfobins import Stream
|
||||
from pwncat.facts.ability import build_gtfo_ability
|
||||
from pwncat.platform.linux import Linux
|
||||
from pwncat.modules.enumerate import Schedule, EnumerateModule
|
||||
@ -70,7 +71,9 @@ class Module(EnumerateModule):
|
||||
build_gtfo_ability(
|
||||
self.name, uid, method, source_uid=None, suid=True
|
||||
)
|
||||
for method in session.platform.gtfo.iter_binary(path)
|
||||
for method in session.platform.gtfo.iter_binary(
|
||||
path, stream=Stream.RAW
|
||||
)
|
||||
)
|
||||
finally:
|
||||
proc.wait()
|
||||
|
@ -3,7 +3,7 @@ from packaging import version
|
||||
|
||||
import pwncat
|
||||
from pwncat.facts import build_gtfo_ability
|
||||
from pwncat.gtfobins import Capability
|
||||
from pwncat.gtfobins import Stream, Capability
|
||||
from pwncat.platform.linux import Linux
|
||||
from pwncat.modules.enumerate import Schedule, EnumerateModule
|
||||
|
||||
@ -64,7 +64,7 @@ class Module(EnumerateModule):
|
||||
if "ALL" in userlist and "!root" in userlist:
|
||||
for command in rule.commands:
|
||||
for method in session.platform.gtfo.iter_sudo(
|
||||
command, caps=Capability.ALL
|
||||
command, caps=Capability.ALL, stream=Stream.RAW
|
||||
):
|
||||
# Build a generic GTFObins capability
|
||||
yield build_gtfo_ability(
|
||||
|
@ -6,6 +6,7 @@ import rich.markup
|
||||
|
||||
from pwncat.db import Fact
|
||||
from pwncat.facts import build_gtfo_ability
|
||||
from pwncat.gtfobins import Stream
|
||||
from pwncat.platform.linux import Linux
|
||||
from pwncat.modules.enumerate import Schedule, EnumerateModule
|
||||
|
||||
@ -238,7 +239,9 @@ class Module(EnumerateModule):
|
||||
source_uid=user.id,
|
||||
user=runas_user.name,
|
||||
)
|
||||
for method in session.platform.gtfo.iter_sudo(spec)
|
||||
for method in session.platform.gtfo.iter_sudo(
|
||||
spec, stream=Stream.RAW
|
||||
)
|
||||
)
|
||||
|
||||
return
|
||||
@ -304,5 +307,7 @@ class Module(EnumerateModule):
|
||||
user=user.name,
|
||||
source_uid=current_user.id,
|
||||
)
|
||||
for method in session.platform.gtfo.iter_sudo(spec)
|
||||
for method in session.platform.gtfo.iter_sudo(
|
||||
spec, stream=Stream.RAW
|
||||
)
|
||||
)
|
||||
|
@ -1274,7 +1274,7 @@ class Linux(Platform):
|
||||
if "w" in mode:
|
||||
|
||||
for method in self.gtfo.iter_methods(
|
||||
caps=Capability.WRITE, stream=Stream.PRINT | Stream.RAW
|
||||
caps=Capability.WRITE, stream=Stream.RAW
|
||||
):
|
||||
try:
|
||||
payload, input_data, exit_cmd = method.build(
|
||||
@ -1303,7 +1303,7 @@ class Linux(Platform):
|
||||
)
|
||||
else:
|
||||
for method in self.gtfo.iter_methods(
|
||||
caps=Capability.READ, stream=Stream.PRINT | Stream.RAW
|
||||
caps=Capability.READ, stream=Stream.RAW
|
||||
):
|
||||
try:
|
||||
payload, input_data, exit_cmd = method.build(
|
||||
|
Loading…
Reference in New Issue
Block a user