mirror of
https://github.com/calebstewart/pwncat.git
synced 2024-11-27 19:04:15 +01:00
f92aa48947
- Updated readme for new module interface - Removed old enumerate, persist, privesc code
56 lines
2.3 KiB
ReStructuredText
56 lines
2.3 KiB
ReStructuredText
Connect
|
|
=======
|
|
|
|
This command initiates or receives a connection to a remote victim and establishes
|
|
a ``pwncat`` session. Sessions can be established over any socket-like communication
|
|
layer. Currently, communications channels for reverse and bind shells over raw
|
|
sockets and SSH are implemented.
|
|
|
|
The connect command is written to take a flexible syntax. At it's core, it accepts
|
|
a connection string which looks like this: ``protocol://user:password@host:port``.
|
|
It also makes some assumptions if some or all of this connection string is missing.
|
|
|
|
The following assumptions are made if one or more of the above sections are missing
|
|
|
|
* If no protocol is specified, but the user and host are specified, assume SSH
|
|
protocol.
|
|
* If no protocol, user, or port are specified, assume reconnect protocol.
|
|
* If no protocol, user, password or port are specified, assume reconnect protocol.
|
|
* If no protocol, user or password are specified and host is not 0.0.0.0, assume
|
|
connect protocol.
|
|
* If no protocol, user, password or host are specified, assume bind protocol.
|
|
|
|
Further, any input which supplies a username (and optionally a password field) and
|
|
a host with no port or protocol will attempt to reconnect via installed persistence
|
|
first.
|
|
|
|
This command also accepts a second positional parameter to specify the port. This
|
|
parameter cannot be used along with the port within the connection string. The
|
|
reason for the second port argument is to support ``netcat`` like syntax.
|
|
|
|
These rules mean that you can invoke ``pwncat`` in a similar fashion to common
|
|
tools such as ``ssh`` and ``netcat``. For example, all of the following are valid:
|
|
|
|
.. code-block:: bash
|
|
|
|
# Connect to a bind shell on 4444
|
|
connect 10.10.10.10 4444
|
|
connect connect://10.10.10.10:4444
|
|
connect 10.10.10.10:4444
|
|
# Listen for reverse shell on 4444
|
|
connect bind://0.0.0.0:4444
|
|
connect 0.0.0.0:4444
|
|
connect :4444
|
|
connect -lp 4444
|
|
# Connect via ssh
|
|
connect user@10.10.10.10
|
|
connect -i id_rsa user@10.10.10.10
|
|
connect user:password@10.10.10.10
|
|
# Reconnect to host via IP, hostname or host hash
|
|
connect user@[hostname, host hash or IP]
|
|
connect reconnect://user:module@10.10.10.10
|
|
connect [hostname, host hash or IP]
|
|
|
|
For more concrete examples, see the ``Basic Usage`` page. The arguments to ``pwncat`` are
|
|
the same as the arguments to ``connect``
|