1
0
mirror of https://github.com/calebstewart/pwncat.git synced 2024-11-28 03:14:14 +01:00
pwncat/docs/source/commands/run.rst
2021-06-02 19:19:25 -04:00

42 lines
1.6 KiB
ReStructuredText

Run
===
The ``run`` command gives you access to all pwncat modules at runtime. Most functionality in
pwncat is implemented using modules. This includes privilege escalation, enumeration and
persistence. You can locate modules using the ``search`` command or tab-complete their name
with the ``run`` command.
The ``run`` command is similar to the command with the same name in frameworks like Metasploit.
The first argument to ``run`` is the name of the module you would like to execute. This takes
the form of a Python fully-qualified package name. The default modules are within the ``pwncat/modules``
directory, but other can be loaded with the ``load`` command.
Modules may take arguments, which can be appended as key-value pairs to the end of a call to
the ``run`` command:
.. code-block:: bash
# Enumerate setuid files on the remote host
run enumerate.gather types=file.suid
Required module arguments are first taken from these key-value pairs. If they aren't present,
they are taken from the global configuration.
Run Within A Context
--------------------
In pwncat, the ``use`` command can enter a module context. Within a module context, the
pwncat prompt will change from "(pwncat) local$" to "(module_name) local$". In this state,
you can set module arguments with the ``set`` command. After the arguments are set, you can
run the module with ``run``. Within a module context, no arguments are required for ``run``,
however you are allowed to specify other key-value items as well. For example:
.. code-block:: bash
# Perform the same enumeration as seen above
use enumerate.gather
set types file.suid
run