Caleb Stewart
72dc93e6f7
privesc now uses persist to overcome UID!=EUID
...
`pwncat.victim.privesc` will use the first available
and working persistence mechanism to overcome UID!=EUID
situations. Also, added more documentation.
2020-05-20 15:58:43 -04:00
Caleb Stewart
11fe2715ab
PAM Backdoor
...
Added a PAM backdoor persistence method allowing known password for all
users and logging of plaintext passwords for any subsiquent
authentications.
2020-05-19 22:12:53 -04:00
Caleb Stewart
88b9ce4b46
Added reference to pwncat readthedocs page to readme
2020-05-19 16:37:57 -04:00
Caleb Stewart
0830b08d84
Changed the master_doc to index for docs.
2020-05-19 16:33:30 -04:00
Caleb Stewart
6971f2db06
Added initial stab at documentation and basic structure for generically handling remote services
2020-05-19 16:24:19 -04:00
Caleb Stewart
224ef48fab
Fixed merge conflicts
2020-05-17 23:41:30 -04:00
Caleb Stewart
b2ca8515cc
Added initial database support for cross-session memory
2020-05-17 23:37:27 -04:00
John Hammond
c930925d27
Added more GTFObins
2020-05-17 19:35:49 -04:00
John Hammond
14c67f9b4b
Added more GTFOBins
2020-05-17 17:01:08 -04:00
Caleb Stewart
3c1e72342b
Fixed GTFOBins parsing problem
2020-05-17 12:43:58 -04:00
Caleb Stewart
d62366da45
Run/local command and shortcuts
...
Added the "run" and "local" commands for remote and local command
execution respectively and the "shortcut" command to allow for shortcuts
like "!ls" for local commands and "@ls" for remote commands.
2020-05-17 02:29:51 -04:00
Caleb Stewart
512dd045c1
Refactored code to allow access to privesc.victim from anywhere (singleton)
2020-05-16 21:11:48 -04:00
Caleb Stewart
b0aff37f77
Added initial persist command to track, install, and remove persistence methods
2020-05-16 13:43:11 -04:00
Caleb Stewart
649618fdcc
Merge branch 'master' of github.com:calebstewart/pwncat
2020-05-15 19:39:32 -04:00
Caleb Stewart
6b17fc2310
Fixed awk file-write payloads
2020-05-15 19:39:26 -04:00
Caleb Stewart
205c7457c2
Merge pull request #12 from trevorbryant/master
...
Update README and setup.py
2020-05-15 19:34:43 -04:00
trevorbryant
9460a51e31
fix python install setup
2020-05-15 16:13:58 -04:00
trevorbryant
995ddd320f
dependencies, install instructions
2020-05-15 16:13:38 -04:00
Caleb Stewart
82ea5799d8
Added bind and alias commands to fully control configuration through command scripting.
2020-05-15 14:05:51 -04:00
Caleb Stewart
ded22f18e4
Merge branch 'master' of github.com:calebstewart/pwncat
2020-05-15 04:24:59 -04:00
Caleb Stewart
3fbb4076d1
Added initial configuration object and config script parsing including on_load hook
2020-05-15 04:24:42 -04:00
John Hammond
0ce067ada9
Added GTFObins cut, date, diff, dmesg, dpkg
2020-05-14 23:19:40 -04:00
Caleb Stewart
9a73d076f0
Merge branch 'master' of github.com:calebstewart/pwncat
2020-05-14 23:17:39 -04:00
Caleb Stewart
84cb300be7
Added gtfobins testing script
2020-05-14 23:17:34 -04:00
John Hammond
eb6d8d1972
Fixed the necessary pull to use Caleb's fork of prompt-toolkit
2020-05-14 22:26:53 -04:00
Caleb Stewart
c35e0ff8ec
Merge branch 'master' of github.com:calebstewart/pwncat
2020-05-14 22:21:23 -04:00
Caleb Stewart
7655b40698
Merged master
2020-05-14 22:21:20 -04:00
John Hammond
bc774eb7e0
Added new GTFOBins for curl and csh
2020-05-14 22:20:38 -04:00
Caleb Stewart
45810027d0
All old commands ported over
2020-05-14 22:18:21 -04:00
Caleb Stewart
b1f3c54087
Added upload, download, and help commands. Improved error checking on PtyHandler.open
2020-05-14 04:01:28 -04:00
Caleb Stewart
81fb010b1a
Added command framework with automatic argparse, syntax highlighting and tab completion including verbose help. Still in the progress of converting old commands before merging to master
2020-05-13 23:38:07 -04:00
John Hammond
e19bae85aa
Added new GTFOBinsx
2020-05-13 21:39:03 -04:00
John Hammond
b9695a12bc
Added chmod as a GTFOBins. Corrected backdoor functionality when asking for password
2020-05-13 19:24:13 -04:00
John Hammond
84a5cb7deb
Changed privesc methods to use run() rather than process()... seems to work?? Added socat as a gtfobins
2020-05-13 18:58:31 -04:00
John Hammond
80c4e9839a
Moved screen privesc method to use the new remote file open() syntax
2020-05-13 18:00:25 -04:00
Caleb Stewart
b9f3a572a7
Tested authorized_keys clobbering with only a file-write primitive
2020-05-13 17:51:39 -04:00
Caleb Stewart
38d16794fe
Fixed botched merge
2020-05-13 16:30:55 -04:00
John Hammond
b5f1bcb4ce
Corrected pty sending and sudo password things
2020-05-13 16:01:26 -04:00
Caleb Stewart
42d845def4
Merge branch 'master' of github.com:calebstewart/pwncat
2020-05-13 15:27:57 -04:00
Caleb Stewart
ac948183a3
Added ssh privesc capability through file read and/or file write
2020-05-13 15:27:01 -04:00
John Hammond
96c708a169
Added requests
module into requrements. Should fix #9
2020-05-13 10:43:45 -04:00
John Hammond
d797eed718
Adding a comment for clarity on sleeping
2020-05-13 00:21:53 -04:00
John Hammond
cd54ffb2fc
Corrected some nonsense while accidentially reading command echoes
2020-05-13 00:20:51 -04:00
Caleb Stewart
fa1d07d797
Fixed privesc.read_file and privesc.write_file
2020-05-12 23:31:25 -04:00
Caleb Stewart
e6d4e955dc
Merge branch 'master' of github.com:calebstewart/pwncat
2020-05-12 20:45:57 -04:00
Caleb Stewart
d656849fbd
Reworking privesc framework to better allow other methods (e.g. ssh key clobbering)
2020-05-12 20:45:52 -04:00
John Hammond
445e47731e
Added new requirements into requirements.txt
2020-05-12 20:17:17 -04:00
Caleb Stewart
e661d0225d
Fixed cat typo in gtfobins.json
2020-05-12 14:13:17 -04:00
Caleb Stewart
177f1bd9ba
Added GTFObins downloader and uploader and an asciinema cast
2020-05-12 13:53:28 -04:00
Caleb Stewart
935549fac1
Merge pull request #8 from calebstewart/gtfobins-update
...
Gtfobins update
2020-05-12 03:16:48 -04:00