John Hammond
72b83c88b2
Added new GTFObins
2020-05-23 03:06:19 -04:00
John Hammond
76f83ea076
Added git and grep as GTFOBins
2020-05-20 23:55:15 -04:00
John Hammond
7d483d16e7
Fixed broken JSON file and typo-corrected some docs
2020-05-20 23:24:04 -04:00
John Hammond
fa36727a0b
Added gimp as a GTFOBins
2020-05-20 23:18:14 -04:00
John Hammond
c9cba4bf78
Added genisoimage as a GTFObin read
2020-05-20 22:42:13 -04:00
Caleb Stewart
224ef48fab
Fixed merge conflicts
2020-05-17 23:41:30 -04:00
Caleb Stewart
b2ca8515cc
Added initial database support for cross-session memory
2020-05-17 23:37:27 -04:00
John Hammond
c930925d27
Added more GTFObins
2020-05-17 19:35:49 -04:00
John Hammond
14c67f9b4b
Added more GTFOBins
2020-05-17 17:01:08 -04:00
Caleb Stewart
d62366da45
Run/local command and shortcuts
Added the "run" and "local" commands for remote and local command
execution respectively and the "shortcut" command to allow for shortcuts
like "!ls" for local commands and "@ls" for remote commands.
2020-05-17 02:29:51 -04:00
Caleb Stewart
512dd045c1
Refactored code to allow access to privesc.victim from anywhere (singleton)
2020-05-16 21:11:48 -04:00
Caleb Stewart
b0aff37f77
Added initial persist command to track, install, and remove persistence methods
2020-05-16 13:43:11 -04:00
Caleb Stewart
6b17fc2310
Fixed awk file-write payloads
2020-05-15 19:39:26 -04:00
Caleb Stewart
82ea5799d8
Added bind and alias commands to fully control configuration through command scripting.
2020-05-15 14:05:51 -04:00
Caleb Stewart
ded22f18e4
Merge branch 'master' of github.com:calebstewart/pwncat
2020-05-15 04:24:59 -04:00
Caleb Stewart
3fbb4076d1
Added initial configuration object and config script parsing including on_load hook
2020-05-15 04:24:42 -04:00
John Hammond
0ce067ada9
Added GTFObins cut, date, diff, dmesg, dpkg
2020-05-14 23:19:40 -04:00
John Hammond
bc774eb7e0
Added new GTFOBins for curl and csh
2020-05-14 22:20:38 -04:00
John Hammond
e19bae85aa
Added new GTFOBins
2020-05-13 21:39:03 -04:00
John Hammond
b9695a12bc
Added chmod as a GTFOBins. Corrected backdoor functionality when asking for password
2020-05-13 19:24:13 -04:00
John Hammond
84a5cb7deb
Changed privesc methods to use run() rather than process()... seems to work?? Added socat as a gtfobins
2020-05-13 18:58:31 -04:00
Caleb Stewart
b9f3a572a7
Tested authorized_keys clobbering with only a file-write primitive
2020-05-13 17:51:39 -04:00
Caleb Stewart
38d16794fe
Fixed botched merge
2020-05-13 16:30:55 -04:00
Caleb Stewart
42d845def4
Merge branch 'master' of github.com:calebstewart/pwncat
2020-05-13 15:27:57 -04:00
Caleb Stewart
ac948183a3
Added ssh privesc capability through file read and/or file write
2020-05-13 15:27:01 -04:00
John Hammond
96c708a169
Added requests module into requirements. Should fix #9
2020-05-13 10:43:45 -04:00
Caleb Stewart
fa1d07d797
Fixed privesc.read_file and privesc.write_file
2020-05-12 23:31:25 -04:00
Caleb Stewart
d656849fbd
Reworking privesc framework to better allow other methods (e.g. ssh key clobbering)
2020-05-12 20:45:52 -04:00
Caleb Stewart
e661d0225d
Fixed cat typo in gtfobins.json
2020-05-12 14:13:17 -04:00
Caleb Stewart
177f1bd9ba
Added GTFObins downloader and uploader and an asciinema cast
2020-05-12 13:53:28 -04:00
Caleb Stewart
09d78cac67
Vast gtfobins improvements. Added new method 'open' to PtyHandler which allows generically opening a remote file as a file-like object (read/write) via new gtfobins module
2020-05-12 03:12:34 -04:00
Caleb Stewart
425a3c99cd
Doesn't work yet
2020-05-11 15:27:49 -04:00
John Hammond
983f37e6d6
Added vim as a GTFOBin. Testing resolved a clusterfuck
2020-05-10 23:17:03 -04:00
John Hammond
2a4ab160d3
Merge branch 'master' of https://github.com/calebstewart/pwncat
2020-05-10 19:57:32 -04:00
John Hammond
27fe9288c4
Added some GTFOBins
2020-05-10 19:55:47 -04:00
Caleb Stewart
f173e22d16
Added ability for bidirectional binary IO w/ remote process
2020-05-10 19:55:20 -04:00
Caleb Stewart
96bdb89336
Added busybox staging. Still need to fix all the references to the new which method.
2020-05-10 16:12:20 -04:00
John Hammond
18e28be292
Added dirtycow (still untested) and added screen4.5.0 privesc... THAT WORKS!
2020-05-10 03:16:25 -04:00
John Hammond
7a3c4f3bb4
Started the process for dirtycow
2020-05-10 01:21:27 -04:00
John Hammond
ac568f271f
Fixed errata from merge
2020-05-09 22:06:45 -04:00
John Hammond
a78c7926c0
Merge branch 'readwrite' of https://github.com/calebstewart/pwncat into readwrite
2020-05-09 21:41:41 -04:00
John Hammond
64fc44bdae
Added more gtfobins!
2020-05-09 21:40:37 -04:00
Caleb Stewart
b21761ff6f
Working /etc/passwd overwrite to root.
2020-05-09 21:38:24 -04:00
John Hammond
2d65544b77
Added new GTFObins entries
2020-05-09 19:00:15 -04:00
John Hammond
bebe20dcfb
Added "safe" property to gtfobins and started to add more GTFObins
2020-05-09 18:36:51 -04:00
John Hammond
3b7bf075d5
Added privesc read capability! Only somewhat tested...
2020-05-09 17:05:18 -04:00
Caleb Stewart
068c55f868
Added sudo awareness to gtfobins and updated privesc/sudo to understand the new interface. Sudo now supports wildcard listings and can intelligently parse whether a privesc is possible.
2020-05-09 15:02:04 -04:00
John Hammond
1b54ade0fb
Added lots of dirty sudo privesc code. It works!
2020-05-09 03:28:58 -04:00
Caleb Stewart
0ea0ef2546
Added abstract gtfobins interface
2020-05-09 00:49:38 -04:00