1
0
mirror of https://github.com/calebstewart/pwncat.git synced 2024-11-24 01:25:37 +01:00
Commit Graph

360 Commits

Author SHA1 Message Date
Caleb Stewart
e658f9a592 Completely moved pwncat.victim.config to pwncat.config 2020-10-08 13:39:51 -04:00
Caleb Stewart
83852e3d67 Made some initial moves toward central config 2020-10-08 13:35:28 -04:00
Caleb Stewart
a825d00da2 Initial modifications to make configuration refactoring work 2020-10-08 13:22:41 -04:00
Caleb Stewart
fa18ae68fd Updated readme to clarify video 2020-10-06 11:07:33 -04:00
trevorbryant
b5ce7f52a4 fix sudo timeout, fix set-password login, other exceptions 2020-10-05 15:25:38 -04:00
Caleb Stewart
c2c83ca058 Fixed module search docstring and enumeration filter 2020-10-05 14:32:57 -04:00
Caleb Stewart
797a9831d7 Added docstrings to last of enumerate modules 2020-10-05 11:16:10 -04:00
Caleb Stewart
5c24ad26fb I'm dumb. I'm sorry. 2020-10-04 20:56:50 -04:00
Caleb Stewart
06515ff7f4 Added traceback option for run 2020-10-04 20:48:59 -04:00
Caleb Stewart
0d8e634cab Fixed EscalateResult.extend
It was overwriting instead of extending in some cases.
2020-10-04 20:36:30 -04:00
Caleb Stewart
8a2a0e638e Fixed escalation file write
- Also added /etc/passwd escalation path w/ root file write
2020-10-04 19:19:09 -04:00
Caleb Stewart
d329e8882a Fixed escalate.auto file read 2020-10-04 18:15:38 -04:00
Caleb Stewart
de70dd04b6 Fixed search command 2020-10-04 18:00:58 -04:00
Caleb Stewart
44069b34ef Ensured help was printed with no arguments 2020-10-04 17:48:37 -04:00
Caleb Stewart
c04bc9634a Added packaging to setup.py requirements 2020-10-04 17:20:49 -04:00
Caleb Stewart
e612a3395d
Merge pull request #62 from calebstewart/modules
Modules Framework
2020-10-03 00:52:39 -04:00
Caleb Stewart
f92aa48947 Removed old modules, updated README.md
- Updated readme for new module interface
- Removed old enumerate, persist, privesc code
2020-10-03 00:41:28 -04:00
Caleb Stewart
ca60cfc356 Added message indicating persistence used 2020-10-02 23:54:08 -04:00
Caleb Stewart
427861e0c2 Added better protocol handling
The connect command now handles reconnections properly.
2020-10-02 23:48:19 -04:00
Caleb Stewart
bcb1f77606 Updated documentation
- Added some last touches to module system.
- Modified connect syntax to allow more flexible parameters
- Still need to update enumeration API docs and connect command docs
2020-10-02 22:28:47 -04:00
Caleb Stewart
5d7c334644 Final touches on converted modules
- Got the pam persistence module working
- Added persistence escalation module to utilize installed persistence
- Added escalation module priorities (EscalateModule.PRIORITY)
  - Should be > 0.
  - Default is 100.
  - Persistence escalation has priority of -1 to ensure it runs first.
- Added enumeration module for passwords retrieved from pam persistence.
- Removed version specifier for python-rich (it was very old for some reason).
2020-09-23 19:31:09 -04:00
Caleb Stewart
f0fbb9851f Merge branch 'master' into modules 2020-09-23 15:29:27 -04:00
Caleb Stewart
02c75ea9f7 Fixed issue link 2020-09-16 12:32:28 -04:00
Caleb Stewart
e2cbe655e6 Added note about paramiko to the README 2020-09-16 12:30:47 -04:00
Caleb Stewart
0b2458462b Added check for correct paramiko version at runtime to mitigate version problems. 2020-09-16 12:12:22 -04:00
Caleb Stewart
867bd66af7 Merge branch 'master' of github.com:calebstewart/pwncat into master 2020-09-15 21:58:27 -04:00
Caleb Stewart
b685c89634 Optimized gtfobins data loading w/ rapidjson and minification 2020-09-15 21:58:21 -04:00
Caleb Stewart
c8ab9b04ec Added escalate method for pam persistence 2020-09-15 21:44:09 -04:00
Caleb Stewart
27e21097fe
Merge pull request #57 from jfunction/patch-1
Update setup.py
2020-09-15 11:02:50 -04:00
Jared
97818b7b5e
Update setup.py
Watched some youtube clips on this and though I'd try this software
I got an error soon after installing - the error was because `shlex.join` is being used:
5f12a12968/pwncat/__main__.py (L29)
Turns out this requires Python 3.8: 
https://docs.python.org/3/library/shlex.html#shlex.join
I propose to explicitly require this at install time so a more appropriate error is thrown to the user. 
Thoughts?
2020-09-15 07:28:58 +02:00
Caleb Stewart
fb6424bde1
Merge pull request #55 from pitust/master
Upgrade the prompt
2020-09-14 15:38:28 -04:00
Caleb Stewart
98706fb40e Added escaping for the prompt command 2020-09-13 21:28:31 -04:00
Caleb Stewart
599b4133b6 Removed reference to remote_prefix and fixed escaping in prompt 2020-09-13 21:26:39 -04:00
pitust
be5f33e415
Update README.md to reflect prompt changes 2020-09-14 00:15:01 +01:00
pitust
13b690867d
Fixed prompt.py 2020-09-14 00:14:07 +01:00
pitust
75ad247712
Added a better prompt 2020-09-14 00:11:34 +01:00
Caleb Stewart
e6c86e614a Added ability to detect a pty
This stops pwncat from attempting to spawn a pty when one is already
running on the shell.
2020-09-13 14:30:38 -04:00
Caleb Stewart
37961a301b Converted more modules
Mainly worked on authorized_keys and pam persistence modules. Also added
the `load` command allowing users to load custom modules from different
directories. Lastly, added the optional inclusion of a
`$XDG_CONFIG_HOME/pwncat/pwncatrc` configuration allowing you to specify
configuration for all invocations of pwncat (like a custom module directory).
2020-09-13 14:23:32 -04:00
Caleb Stewart
8fed7c9829 Organized and converted enumeration modules
Also found fix for delayed arrow key input (once merged,
this should fix #53)
2020-09-11 16:05:53 -04:00
Caleb Stewart
f176e5d9bd Added platform specifier for host object and platform filtering to modules 2020-09-08 20:04:19 -04:00
Caleb Stewart
fdac13d275 Added progress argument and improved auto escalate
`progress` argument is needed for recursive module invocation.
Also, improved the algorithm for finding escalation through
SSH private key leaking/authorized keys writing.
2020-09-03 17:23:58 -04:00
Caleb Stewart
fa8cf9dd06
Merge pull request #52 from WesVleuten/modules-sudocve
Added sudo CVE-2019-14287 escalation
2020-09-03 16:40:24 -04:00
Wes van der Vleuten
c6b084b50f Added sudo CVE-2019-14287 escalation 2020-09-03 00:11:43 +02:00
Caleb Stewart
1cc6d4ad27 Fixed naming-clash in GTFOTechnique 2020-09-02 17:37:54 -04:00
Caleb Stewart
2abbe29ada Fixed flickering progress bar! 2020-09-02 13:15:01 -04:00
Caleb Stewart
86d57d3e04 Fixed enumeration markers and added base module exception 2020-09-02 13:14:33 -04:00
Caleb Stewart
6f975fff51 Strip spaces from user/groups in sudoers
Fixes #24
2020-09-01 22:29:28 -04:00
Caleb Stewart
098c8a523d Fixed a fat-finger mistake
Had the wrong argument for spec since I expanded sudoers to enumerate
multi-command rules. Fixed here.
2020-09-01 22:23:55 -04:00
Caleb Stewart
8d5e91a6a7 Added comma-separated commmand support to sudo
The sudo enumeration now returns a list of commands, per the sudoers
spec. Also updated the escalate module to handle the array of commands.
 #25 asks about this, and once merged this should fix the issue
 described there.
2020-09-01 22:20:04 -04:00
Caleb Stewart
57809be2ee Added try-except for processing grep output
Ensured that errors were handled properly during password enumeration.
2020-09-01 21:59:24 -04:00