1
0
mirror of https://github.com/calebstewart/pwncat.git synced 2024-12-11 01:14:19 +01:00
Commit Graph

560 Commits

Author SHA1 Message Date
Caleb Stewart
c08b62c281 Added workflow testing in master so we cant test 2021-05-30 00:26:50 -04:00
Caleb Stewart
b998470297 Working on automated testing
Added a test workflow. Only for triggering manually for now.
2021-05-30 00:24:12 -04:00
Caleb Stewart
0046bd4c60 Added basic windows enums and bumped c2 version 2021-05-26 01:10:05 -04:00
Caleb Stewart
a15577892d Added windows local user and group enumeration
Also added markdown table generator/jinja filter for report generation.
This is currentl the best I can do since commonmark (and therefore rich)
doesn't support tables at the moment. 😭
2021-05-25 02:05:23 -04:00
Caleb Stewart
830fe7b211 Initial working windows setup
I have opened the Windows C2 repository, and added the ability for
pwncat to automatically download the C2 DLLs. If you don't have internet
or would rather grab them yourself, you can place them in
~/.local/share/pwncat (or point the `windows_c2_dir` config at the
directory where you do place them). If `stageone.dll` and `stagetwo.dll`
exist in that directory, pwncat will not attempt to download them from github.
2021-05-24 00:18:30 -04:00
Caleb Stewart
97c4d256ab Added report module for templated markdown reports
Reports are generated based on platform and use Jinja2.
Report templates are in pwncat/data/reports. I still need
to implement the full report for the individual platforms, but
have some boilerplate in the generic template. The module will
also render markdown to the terminal via rich markdown, however
tables are currently not rendered properly.
2021-05-23 17:28:48 -04:00
Caleb Stewart
67cd1033c5 Implemented Implant for PrivateKey facts
A PrivateKey fact is now also an implant unless the key is not
authorized. When we locate a private key by enumeration, the
key is assumed to be authorized until it fails. If a private
key fails to connect, it's implant types are removed, but the fact
is kept in the database. The authorized keys implant also reuses
this fact type, but defines a different remove routine to actaully
remove the authorized key from the target.
2021-05-23 15:36:17 -04:00
Caleb Stewart
812776ac28 Fixed group membership for linux enumeration
Added user to member list if primary group matches
2021-05-23 13:14:17 -04:00
Caleb Stewart
31ba4990c8 Tested commands to ensure API compliance
I went through each command to make sure they work.
Some commands aren't needed anymore and aren't implemented.
They will likely be removed eventually, but I've left an
error message there in case I want it later. This is another
check for #95.
2021-05-23 12:56:37 -04:00
Caleb Stewart
ac67745ad3 Put the cat back 2021-05-22 18:19:35 -04:00
Caleb Stewart
b663403218 Improved DB performance; ensure session exit
Ensured the session is only started/closed once per module run.
Also, added calls to `session.close` after interactive exit from
main entrypoint. Closing a session also logs any tampers or implants
left behind before closing the session.
2021-05-22 17:49:44 -04:00
Caleb Stewart
691503a270 Fixed enumeration modules
Some modules weren't cleaning up their Popen objects.
All modules at least execute now. Their results need
to be fact-checked, though.
2021-05-22 14:46:07 -04:00
Caleb Stewart
8c524bfa03 Fixed connect command
This command now functions identically to the entrypoint.
One more item down for #95
2021-05-21 23:32:25 -04:00
Caleb Stewart
e93102636e Implemented remote implant trigger from entrypoint
Command-line connection is working now, but the `connect` command needs
to be completely revamped for the new API. Still another check for #95.
2021-05-20 23:04:52 -04:00
Caleb Stewart
4c97ffef6a Added authorized_keys implant
Still need to test remote functionality, but that requires an
implementation of a reconnect command (or capability in `connect`). In
the meantime, escalate, install, and remove all work. On more step for #95.
2021-05-20 00:42:38 -04:00
Caleb Stewart
f8f7b61f0d Fixed some typos and missing imports 2021-05-19 19:12:02 -04:00
Caleb Stewart
0cab19835e Converted pam backdoor implant
Another step toward #95
2021-05-19 18:58:45 -04:00
Caleb Stewart
d9f4fefe69 Added generic implant escalation module
This module will yield escalations for local implants and does not
depend on any platform.
2021-05-18 21:02:43 -04:00
Caleb Stewart
f5413dfe08 Added db directory for testing database 2021-05-18 20:33:18 -04:00
Caleb Stewart
3e9a56a409 Working implants and multi-session escalation 2021-05-18 20:31:57 -04:00
Caleb Stewart
814c3458a7 Merge branch 'platforms' of github.com:calebstewart/pwncat into platforms 2021-05-16 22:56:57 -04:00
Caleb Stewart
637e7ef18d Working recursive escalation.
Still need to test session-based escalation, but "replace" escalations work.
2021-05-16 22:56:16 -04:00
John Hammond
57d1c645d3 All enumeration modules are now brought to the new framework 2021-05-12 19:41:12 -04:00
John Hammond
2aa3aa79c7 Brought services and uname to new platform 2021-05-12 00:17:25 -04:00
Caleb Stewart
23dc10c0a9 Added abilities to sudo enumeration 2021-05-12 00:17:01 -04:00
Caleb Stewart
396800261d Added initial escalate implementation
Also added leave command to unwrap subshells after escalation
2021-05-11 18:09:05 -04:00
Caleb Stewart
be2fb26765 Added flake8 configuration 2021-05-11 14:12:02 -04:00
Caleb Stewart
edf91507f2 Formatted all files. There were some stragglers 2021-05-11 13:55:26 -04:00
Caleb Stewart
185909862e Ran isort to sort and correct imports 2021-05-10 23:24:36 -04:00
Caleb Stewart
3f2d2e225f Moved generic fact definitions out of module tree
This move cleaned the directory tree a bit, and made imports easier to follow
2021-05-10 23:06:31 -04:00
Caleb Stewart
2b1c539290 Merge branch 'platforms' of github.com:calebstewart/pwncat into platforms 2021-05-09 15:15:58 -04:00
Caleb Stewart
b8b9435d67 Added initial implementation of escalation module 2021-05-09 15:15:50 -04:00
John Hammond
498409d8d4 Nerfed the TamperManager for the moment and brought system.process and system.selinux to the new platform 2021-05-08 22:31:46 -04:00
John Hammond
6bbdc872bd Got up to enumerate.system.process in enumeration modules -- need to start from there and finish 2021-05-08 03:14:22 -04:00
Caleb Stewart
65c2acfe33 Started migrating tamper to the platforms framework 2021-05-08 03:08:18 -04:00
John Hammond
08a5897804 Updated enumeration modules to have context of a session and can access user names and more 2021-05-08 02:16:35 -04:00
John Hammond
b9c7e96092 Merge branch 'platforms' of github.com:calebstewart/pwncat into platforms 2021-05-08 00:54:47 -04:00
John Hammond
5840e61108 Removed colors fromlistdir 2021-05-08 00:54:29 -04:00
Caleb Stewart
b6f2ae78a5 Merge branch 'platforms' of github.com:calebstewart/pwncat into platforms 2021-05-08 00:50:04 -04:00
Caleb Stewart
e4ddb0b38b Added basic passwd overwrite escalation 2021-05-08 00:49:44 -04:00
John Hammond
4bd102faae Merge branch 'platforms' of github.com:calebstewart/pwncat into platforms 2021-05-07 23:42:40 -04:00
John Hammond
a0a6ab7fa1 Corrected sudo function in Linux platform 2021-05-07 23:42:02 -04:00
John Hammond
fb7cff5d80 Go started on software 2021-05-07 23:41:46 -04:00
John Hammond
eb068ac493 Brought enumerate.software.screen to the new platforms framework 2021-05-07 23:14:55 -04:00
John Hammond
519c8910e1 Made enumerate.misc.writable_path functional. Added support to enumerate groups 2021-05-07 22:29:32 -04:00
John Hammond
4f5e792a49 Brought the enumerate.creds.passwords and enumerate.creds.private_key module to the new framework 2021-05-07 21:47:53 -04:00
John Hammond
6181531422 Corrected 2021-05-07 21:47:31 -04:00
John Hammond
3e8594e83c Corrected enumerate.file.caps and enumerate.file.suid modules to work 2021-05-07 20:46:20 -04:00
Caleb Stewart
a70e69bd70 Fixed stupid typos 2021-05-07 19:10:01 -04:00
Caleb Stewart
3f292b971f Merge branch 'platforms' of github.com:calebstewart/pwncat into platforms 2021-05-07 18:54:01 -04:00