1
0
mirror of https://github.com/calebstewart/pwncat.git synced 2024-11-30 20:34:15 +01:00
Commit Graph

394 Commits

Author SHA1 Message Date
Caleb Stewart
f92aa48947 Removed old modules, updated README.md
- Updated readme for new module interface
- Removed old enumerate, persist, privesc code
2020-10-03 00:41:28 -04:00
Caleb Stewart
ca60cfc356 Added message indicating persistence used 2020-10-02 23:54:08 -04:00
Caleb Stewart
427861e0c2 Added better protocol handling
The connect command now handles reconnections properly.
2020-10-02 23:48:19 -04:00
Caleb Stewart
bcb1f77606 Updated documentation
- Added some last touches to module system.
- Modified connect syntax to allow more flexible parameters
- Still need to update enumeration API docs and connect command docs
2020-10-02 22:28:47 -04:00
Caleb Stewart
5d7c334644 Final touches on converted modules
- Got the pam persistence module working
- Added persistence escalation module to utilize installed persistence
- Added escalation module priorities (EscalateModule.PRIORITY)
  - Should be > 0.
  - Default is 100.
  - Persistence escalation has priority of -1 to ensure it runs first.
- Added enumeration module for passwords retrieved from pam persistence.
- Removed version specifier for python-rich (it was very old for some reason).
2020-09-23 19:31:09 -04:00
Caleb Stewart
f0fbb9851f Merge branch 'master' into modules 2020-09-23 15:29:27 -04:00
Caleb Stewart
02c75ea9f7 Fixed issue link 2020-09-16 12:32:28 -04:00
Caleb Stewart
e2cbe655e6 Added note about paramiko to the README 2020-09-16 12:30:47 -04:00
Caleb Stewart
0b2458462b Added check for correct paramiko version at runtime to mitigate version problems. 2020-09-16 12:12:22 -04:00
Caleb Stewart
867bd66af7 Merge branch 'master' of github.com:calebstewart/pwncat into master 2020-09-15 21:58:27 -04:00
Caleb Stewart
b685c89634 Optimized gtfobins data loading w/ rapidjson and minification 2020-09-15 21:58:21 -04:00
Caleb Stewart
c8ab9b04ec Added escalate method for pam persistence 2020-09-15 21:44:09 -04:00
Caleb Stewart
27e21097fe
Merge pull request #57 from jfunction/patch-1
Update setup.py
2020-09-15 11:02:50 -04:00
Jared
97818b7b5e
Update setup.py
Watched some youtube clips on this and though I'd try this software
I got an error soon after installing - the error was because `shlex.join` is being used:
5f12a12968/pwncat/__main__.py (L29)
Turns out this requires Python 3.8: 
https://docs.python.org/3/library/shlex.html#shlex.join
I propose to explicitly require this at install time so a more appropriate error is thrown to the user. 
Thoughts?
2020-09-15 07:28:58 +02:00
Caleb Stewart
fb6424bde1
Merge pull request #55 from pitust/master
Upgrade the prompt
2020-09-14 15:38:28 -04:00
Caleb Stewart
98706fb40e Added escaping for the prompt command 2020-09-13 21:28:31 -04:00
Caleb Stewart
599b4133b6 Removed reference to remote_prefix and fixed escaping in prompt 2020-09-13 21:26:39 -04:00
pitust
be5f33e415
Update README.md to reflect prompt changes 2020-09-14 00:15:01 +01:00
pitust
13b690867d
Fixed prompt.py 2020-09-14 00:14:07 +01:00
pitust
75ad247712
Added a better prompt 2020-09-14 00:11:34 +01:00
Caleb Stewart
e6c86e614a Added ability to detect a pty
This stops pwncat from attempting to spawn a pty when one is already
running on the shell.
2020-09-13 14:30:38 -04:00
Caleb Stewart
37961a301b Converted more modules
Mainly worked on authorized_keys and pam persistence modules. Also added
the `load` command allowing users to load custom modules from different
directories. Lastly, added the optional inclusion of a
`$XDG_CONFIG_HOME/pwncat/pwncatrc` configuration allowing you to specify
configuration for all invocations of pwncat (like a custom module directory).
2020-09-13 14:23:32 -04:00
Caleb Stewart
8fed7c9829 Organized and converted enumeration modules
Also found fix for delayed arrow key input (once merged,
this should fix #53)
2020-09-11 16:05:53 -04:00
Caleb Stewart
f176e5d9bd Added platform specifier for host object and platform filtering to modules 2020-09-08 20:04:19 -04:00
Caleb Stewart
fdac13d275 Added progress argument and improved auto escalate
`progress` argument is needed for recursive module invocation.
Also, improved the algorithm for finding escalation through
SSH private key leaking/authorized keys writing.
2020-09-03 17:23:58 -04:00
Caleb Stewart
fa8cf9dd06
Merge pull request #52 from WesVleuten/modules-sudocve
Added sudo CVE-2019-14287 escalation
2020-09-03 16:40:24 -04:00
Wes van der Vleuten
c6b084b50f Added sudo CVE-2019-14287 escalation 2020-09-03 00:11:43 +02:00
Caleb Stewart
1cc6d4ad27 Fixed naming-clash in GTFOTechnique 2020-09-02 17:37:54 -04:00
Caleb Stewart
2abbe29ada Fixed flickering progress bar! 2020-09-02 13:15:01 -04:00
Caleb Stewart
86d57d3e04 Fixed enumeration markers and added base module exception 2020-09-02 13:14:33 -04:00
Caleb Stewart
6f975fff51 Strip spaces from user/groups in sudoers
Fixes #24
2020-09-01 22:29:28 -04:00
Caleb Stewart
098c8a523d Fixed a fat-finger mistake
Had the wrong argument for spec since I expanded sudoers to enumerate
multi-command rules. Fixed here.
2020-09-01 22:23:55 -04:00
Caleb Stewart
8d5e91a6a7 Added comma-separated commmand support to sudo
The sudo enumeration now returns a list of commands, per the sudoers
spec. Also updated the escalate module to handle the array of commands.
 #25 asks about this, and once merged this should fix the issue
 described there.
2020-09-01 22:20:04 -04:00
Caleb Stewart
57809be2ee Added try-except for processing grep output
Ensured that errors were handled properly during password enumeration.
2020-09-01 21:59:24 -04:00
Caleb Stewart
e76a741add Fixed completion on commands with no arguments
Fixes #44
2020-09-01 21:55:41 -04:00
Caleb Stewart
def3b59039 Changed rule.runas_user to rule.command for spec 2020-09-01 21:30:57 -04:00
Caleb Stewart
b58c2c9ee9
Merge pull request #51 from WesVleuten/modules-sudo
Modules rewrite: sudo escalation
2020-09-01 21:13:09 -04:00
Caleb Stewart
7d36fbfecb
Update __init__.py
Adding `user=` keyword argument to all `method.build` calls in the GTFOTechnique. This is needed for any file write or file read methods using sudo. It shouldn't hurt any other methods as this parameter is simply ignored for invocations that don't use a sudo spec (see [gtfobins.py](https://github.com/calebstewart/pwncat/blob/modules/pwncat/gtfobins.py#L144-L155) ).
2020-09-01 21:08:40 -04:00
Wes van der Vleuten
d615dc81ef Finished sudo escalation 2020-09-01 23:49:18 +02:00
Caleb Stewart
4ecbca9543 Initial partially functioning auto escalation
Also renamed some enumeration types and added type-globbing
for the `types` parameter of enumerations (e.g. run enumerate.gather types=system.*)
2020-09-01 15:30:47 -04:00
John Hammond
1706213920 Migrated some enumeration code into the new module framework 2020-08-31 22:05:49 -04:00
Wes van der Vleuten
8c4494e7e4 [WIP] Added sudo escalation
Currently does not working using `run`, but it does work using
`privesc`.
2020-09-01 00:21:12 +02:00
Wes van der Vleuten
a747a8b118 Added sudoers enumeration in new module framework 2020-09-01 00:20:46 +02:00
Caleb Stewart
9a855c409f Added initial setuid escalate module
Initial tests are positive. Haven't implemented auto logic yet
and more testing needs to be done with the layout/architecture
of the escalation modules. *however*, it is working.
2020-08-31 00:23:46 -04:00
Caleb Stewart
0167c5194a Added persistence and escalate module types 2020-08-30 18:05:04 -04:00
Caleb Stewart
b89d3441ab Fixed tab-completion oddities
Previously, tab-completion of positional parameters
directly following the command didn't work. It only
initially completed "option" arguments. This is fixed.
Also, word completion (e.g. Complete.CHOICES) for
arguments has been fixed.
2020-08-28 23:15:43 -04:00
Caleb Stewart
e2d851ecd3 Added search and info commands for modules 2020-08-28 21:38:56 -04:00
Caleb Stewart
570a653bee Created module structure and enumeration base
I plan to eventually momve all persistence, escalation
and enumeration modules into the new `/pwncat/modules`
structure. This allows individual modules to be used
alone and allows complex modules custom arguments.
2020-08-28 18:03:06 -04:00
Caleb Stewart
30e084ab6e Added check for /bin/sh and set appropriate prompt
/bin/sh doesn't support colored/dynamic prompts.
Set prompt to basic when connecting to a host running
/bin/sh.
2020-08-25 13:18:14 -04:00
Caleb Stewart
5f12a12968 Merge branch 'master' of github.com:calebstewart/pwncat into master 2020-08-25 13:08:56 -04:00