Rooba
/
pwncat
mirror of https://github.com/calebstewart/pwncat.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Corrected getpeername() to just get zero-index, retrieve only IP address

This commit is contained in:
John Hammond 2020-05-28 21:33:26 -04:00
parent 456a1505f4
commit 385251b70e
2 changed files with 6 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -10,3 +10,4 @@ testbed
**/*.sqlite **/*.sqlite
testing/ testing/
data/pwncat.sqlite-journal data/pwncat.sqlite-journal
pwncat.sqlite-journal

19
pwncat/remote/victim.py
View File

@ -152,8 +152,6 @@ class Victim:
# The current user. This is cached while at the `pwncat` prompt # The current user. This is cached while at the `pwncat` prompt
# and reloaded whenever returning from RAW mode. # and reloaded whenever returning from RAW mode.
self.cached_user: str = None self.cached_user: str = None
# The original value of the PATH environment variable
self.original_path: List[str] = None
def reconnect( def reconnect(
self, hostid: str, requested_method: str = None, requested_user: str = None self, hostid: str, requested_method: str = None, requested_user: str = None
@ -249,7 +247,7 @@ class Victim:
hostname = self.run("hostname -f").strip() hostname = self.run("hostname -f").strip()
else: else:
util.warn("hostname command not found; using peer address") util.warn("hostname command not found; using peer address")
hostname = client.getpeername().encode("utf-8") hostname = client.getpeername()[0].encode("utf-8")
mac = None mac = None
# Use ifconfig if available or ip link show. # Use ifconfig if available or ip link show.
@ -355,9 +353,6 @@ class Victim:
# Disable automatic margins, which fuck up the prompt # Disable automatic margins, which fuck up the prompt
self.run("tput rmam") self.run("tput rmam")
# Store the original path
self.original_path = self.getenv("PATH").split(":")
# Now that we have a stable connection, we can create our # Now that we have a stable connection, we can create our
# privesc finder object. # privesc finder object.
self.privesc = privesc.Finder() self.privesc = privesc.Finder()
@ -488,7 +483,7 @@ class Victim:
f"pruning {Fore.RED}{name}{Fore.RESET} from busybox" f"pruning {Fore.RED}{name}{Fore.RESET} from busybox"
) )
util.success(f"pruned {len(provides) - len(new_provides)} setuid entries") util.success(f"pruned {len(provides)-len(new_provides)} setuid entries")
provides = new_provides provides = new_provides
# Let the class know we now have access to busybox # Let the class know we now have access to busybox
@ -1467,17 +1462,13 @@ class Victim:
return output return output
def reset(self, hard: bool = True): def reset(self):
""" """
Reset the remote terminal using the ``reset`` command. This also restores Reset the remote terminal using the ``reset`` command. This also restores
your prompt, and sets up the environment correctly for ``pwncat``. your prompt, and sets up the environment correctly for ``pwncat``.
:param hard: whether to actually call the `reset` command.
This prevents a long pause when we simply need to reset other
things such as the prompt, aliases or history control.
""" """
if hard: self.run("reset", wait=False)
self.run("reset", wait=False)
self.has_cr = True self.has_cr = True
self.has_echo = True self.has_echo = True
self.run("unset HISTFILE; export HISTCONTROL=ignorespace") self.run("unset HISTFILE; export HISTCONTROL=ignorespace")