Caleb Stewart
fa18ae68fd
Updated readme to clarify video
2020-10-06 11:07:33 -04:00
trevorbryant
b5ce7f52a4
fix sudo timeout, fix set-password login, other exceptions
2020-10-05 15:25:38 -04:00
Caleb Stewart
c2c83ca058
Fixed module search docstring and enumeration filter
2020-10-05 14:32:57 -04:00
Caleb Stewart
797a9831d7
Added docstrings to last of enumerate modules
2020-10-05 11:16:10 -04:00
Caleb Stewart
5c24ad26fb
I'm dumb. I'm sorry.
2020-10-04 20:56:50 -04:00
Caleb Stewart
06515ff7f4
Added traceback option for run
2020-10-04 20:48:59 -04:00
Caleb Stewart
0d8e634cab
Fixed EscalateResult.extend
...
It was overwriting instead of extending in some cases.
2020-10-04 20:36:30 -04:00
Caleb Stewart
8a2a0e638e
Fixed escalation file write
...
- Also added /etc/passwd escalation path w/ root file write
2020-10-04 19:19:09 -04:00
Caleb Stewart
d329e8882a
Fixed escalate.auto file read
2020-10-04 18:15:38 -04:00
Caleb Stewart
de70dd04b6
Fixed search command
2020-10-04 18:00:58 -04:00
Caleb Stewart
44069b34ef
Ensured help was printed with no arguments
2020-10-04 17:48:37 -04:00
Caleb Stewart
c04bc9634a
Added packaging to setup.py requirements
2020-10-04 17:20:49 -04:00
Caleb Stewart
e612a3395d
Merge pull request #62 from calebstewart/modules
...
Modules Framework
2020-10-03 00:52:39 -04:00
Caleb Stewart
f92aa48947
Removed old modules, updated README.md
...
- Updated readme for new module interface
- Removed old enumerate, persist, privesc code
2020-10-03 00:41:28 -04:00
Caleb Stewart
ca60cfc356
Added message indicating persistence used
2020-10-02 23:54:08 -04:00
Caleb Stewart
427861e0c2
Added better protocol handling
...
The connect command now handles reconnections properly.
2020-10-02 23:48:19 -04:00
Caleb Stewart
bcb1f77606
Updated documentation
...
- Added some last touches to module system.
- Modified connect syntax to allow more flexible parameters
- Still need to update enumeration API docs and connect command docs
2020-10-02 22:28:47 -04:00
Caleb Stewart
5d7c334644
Final touches on converted modules
...
- Got the pam persistence module working
- Added persistence escalation module to utilize installed persistence
- Added escalation module priorities (EscalateModule.PRIORITY)
- Should be > 0.
- Default is 100.
- Persistence escalation has priority of -1 to ensure it runs first.
- Added enumeration module for passwords retrieved from pam persistence.
- Removed version specifier for python-rich (it was very old for some reason).
2020-09-23 19:31:09 -04:00
Caleb Stewart
f0fbb9851f
Merge branch 'master' into modules
2020-09-23 15:29:27 -04:00
Caleb Stewart
02c75ea9f7
Fixed issue link
2020-09-16 12:32:28 -04:00
Caleb Stewart
e2cbe655e6
Added note about paramiko to the README
2020-09-16 12:30:47 -04:00
Caleb Stewart
0b2458462b
Added check for correct paramiko version at runtime to mitigate version problems.
2020-09-16 12:12:22 -04:00
Caleb Stewart
867bd66af7
Merge branch 'master' of github.com:calebstewart/pwncat into master
2020-09-15 21:58:27 -04:00
Caleb Stewart
b685c89634
Optimized gtfobins data loading w/ rapidjson and minification
2020-09-15 21:58:21 -04:00
Caleb Stewart
c8ab9b04ec
Added escalate method for pam persistence
2020-09-15 21:44:09 -04:00
Caleb Stewart
27e21097fe
Merge pull request #57 from jfunction/patch-1
...
Update setup.py
2020-09-15 11:02:50 -04:00
Jared
97818b7b5e
Update setup.py
...
Watched some youtube clips on this and though I'd try this software
I got an error soon after installing - the error was because `shlex.join` is being used:
5f12a12968/pwncat/__main__.py (L29)
Turns out this requires Python 3.8:
https://docs.python.org/3/library/shlex.html#shlex.join
I propose to explicitly require this at install time so a more appropriate error is thrown to the user.
Thoughts?
2020-09-15 07:28:58 +02:00
Caleb Stewart
fb6424bde1
Merge pull request #55 from pitust/master
...
Upgrade the prompt
2020-09-14 15:38:28 -04:00
Caleb Stewart
98706fb40e
Added escaping for the prompt command
2020-09-13 21:28:31 -04:00
Caleb Stewart
599b4133b6
Removed reference to remote_prefix and fixed escaping in prompt
2020-09-13 21:26:39 -04:00
pitust
be5f33e415
Update README.md to reflect prompt changes
2020-09-14 00:15:01 +01:00
pitust
13b690867d
Fixed prompt.py
2020-09-14 00:14:07 +01:00
pitust
75ad247712
Added a better prompt
2020-09-14 00:11:34 +01:00
Caleb Stewart
e6c86e614a
Added ability to detect a pty
...
This stops pwncat from attempting to spawn a pty when one is already
running on the shell.
2020-09-13 14:30:38 -04:00
Caleb Stewart
37961a301b
Converted more modules
...
Mainly worked on authorized_keys and pam persistence modules. Also added
the `load` command allowing users to load custom modules from different
directories. Lastly, added the optional inclusion of a
`$XDG_CONFIG_HOME/pwncat/pwncatrc` configuration allowing you to specify
configuration for all invocations of pwncat (like a custom module directory).
2020-09-13 14:23:32 -04:00
Caleb Stewart
8fed7c9829
Organized and converted enumeration modules
...
Also found fix for delayed arrow key input (once merged,
this should fix #53 )
2020-09-11 16:05:53 -04:00
Caleb Stewart
f176e5d9bd
Added platform specifier for host object and platform filtering to modules
2020-09-08 20:04:19 -04:00
Caleb Stewart
fdac13d275
Added progress argument and improved auto escalate
...
`progress` argument is needed for recursive module invocation.
Also, improved the algorithm for finding escalation through
SSH private key leaking/authorized keys writing.
2020-09-03 17:23:58 -04:00
Caleb Stewart
fa8cf9dd06
Merge pull request #52 from WesVleuten/modules-sudocve
...
Added sudo CVE-2019-14287 escalation
2020-09-03 16:40:24 -04:00
Wes van der Vleuten
c6b084b50f
Added sudo CVE-2019-14287 escalation
2020-09-03 00:11:43 +02:00
Caleb Stewart
1cc6d4ad27
Fixed naming-clash in GTFOTechnique
2020-09-02 17:37:54 -04:00
Caleb Stewart
2abbe29ada
Fixed flickering progress bar!
2020-09-02 13:15:01 -04:00
Caleb Stewart
86d57d3e04
Fixed enumeration markers and added base module exception
2020-09-02 13:14:33 -04:00
Caleb Stewart
6f975fff51
Strip spaces from user/groups in sudoers
...
Fixes #24
2020-09-01 22:29:28 -04:00
Caleb Stewart
098c8a523d
Fixed a fat-finger mistake
...
Had the wrong argument for spec since I expanded sudoers to enumerate
multi-command rules. Fixed here.
2020-09-01 22:23:55 -04:00
Caleb Stewart
8d5e91a6a7
Added comma-separated commmand support to sudo
...
The sudo enumeration now returns a list of commands, per the sudoers
spec. Also updated the escalate module to handle the array of commands.
#25 asks about this, and once merged this should fix the issue
described there.
2020-09-01 22:20:04 -04:00
Caleb Stewart
57809be2ee
Added try-except for processing grep output
...
Ensured that errors were handled properly during password enumeration.
2020-09-01 21:59:24 -04:00
Caleb Stewart
e76a741add
Fixed completion on commands with no arguments
...
Fixes #44
2020-09-01 21:55:41 -04:00
Caleb Stewart
def3b59039
Changed rule.runas_user to rule.command for spec
2020-09-01 21:30:57 -04:00
Caleb Stewart
b58c2c9ee9
Merge pull request #51 from WesVleuten/modules-sudo
...
Modules rewrite: sudo escalation
2020-09-01 21:13:09 -04:00