Merge pull request #198 from calebstewart/issue-193-custom-which

Added Linux which fallback routine
2024-11-24 01:25:37 +01:00 · 2021-09-19 02:52:44 -04:00 · 2021-09-19 02:52:44 -04:00 · b31ee34c65
commit b31ee34c65
parent 676abe04d7 aa528a5a87
2 changed files with 25 additions and 2 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -17,8 +17,9 @@ and simply didn't have the time to go back and retroactively create one.
 - Fixed verbose logging handler to be __unique__ for every `channel`
 - Fixed docstrings in `Command` modules
 - Changed docker base image to `python3.9-alpine` to fix python version issues.
- Added logic for calling correct paramiko method when reloading an encrypted SSH privat ekey ([#185](https://github.com/calebstewart/issues/185)).
- Forced `Stream.RAW` for all GTFOBins interaction ([#195](https://github.com/calebstewart/issues/195)).
+- Added logic for calling correct paramiko method when reloading an encrypted SSH privat ekey ([#185](https://github.com/calebstewart/pwncat/issues/185)).
+- Forced `Stream.RAW` for all GTFOBins interaction ([#195](https://github.com/calebstewart/pwncat/issues/195)).
+- Added custom `which` implementation for linux when `which` is not available ([#193](https://github.com/calebstewart/pwncat/issues/193)).
 ### Added
 - Added alternatives to `bash` to be used during _shell upgrade_ for a _better shell_
 - Added a warning message when a `KeyboardInterrupt` is caught
--- a/pwncat/platform/linux.py
+++ b/pwncat/platform/linux.py
@ -621,6 +621,9 @@ class Linux(Platform):
            self.shell = "/bin/sh"
            self.channel.sendline(b" export SHELL=/bin/sh")

+        if True or self._do_which("which") is None:
+            self._do_which = self._do_custom_which
+
        if os.path.basename(self.shell) in ["sh", "dash"]:
            # Try to find a better shell
            # a custom `pwncat shell prompt` may not be available for all shells
@ -816,6 +819,25 @@ class Linux(Platform):
        for name in p.stdout.split("\n"):
            yield name

+    def _do_custom_which(self, name: str):
+        """This is custom which implementation that will not find built-in commands.
+        It is altogether inferior to the real which, but if `which` isn't available,
+        it will do the job."""
+
+        try:
+            result = self.run(
+                f"""IFS=':'; for path in $PATH; do if [ -f "$path/{name}" ]; then echo "$path/{name}"; break; fi; done; IFS=' '""",
+                shell=True,
+                capture_output=True,
+                check=True,
+                text=True,
+            )
+            if result.stdout.rstrip("\n") == "":
+                return None
+            return result.stdout.rstrip("\n")
+        except CalledProcessError:
+            return None
+
    def _do_which(self, name: str) -> str:
        """
        Locate the specified binary on the remote host. Normally, this is done through