From 9b0067a4ed6a2f7762b7cbae38d2cb97b6484a29 Mon Sep 17 00:00:00 2001 From: Caleb Stewart Date: Thu, 28 May 2020 01:21:08 -0400 Subject: [PATCH] Added gtfobins.json to the package data in setup.py as referenced in #14 --- .gitignore | 4 ++-- data/pwncatrc | 2 +- {data => pwncat/data}/gtfobins.json | 0 pwncat/privesc/sudo.py | 1 + pwncat/remote/victim.py | 5 ++++- setup.py | 2 +- 6 files changed, 9 insertions(+), 5 deletions(-) rename {data => pwncat/data}/gtfobins.json (100%) diff --git a/.gitignore b/.gitignore index cdbc1b3..69e682b 100644 --- a/.gitignore +++ b/.gitignore @@ -7,6 +7,6 @@ dist/ .byebug_history testbed .idea/ -data/*.sqlite +**/*.sqlite testing/ -data/pwncat.sqlite-journal \ No newline at end of file +data/pwncat.sqlite-journal diff --git a/data/pwncatrc b/data/pwncatrc index 23a97f5..79eadf9 100644 --- a/data/pwncatrc +++ b/data/pwncatrc @@ -7,7 +7,7 @@ set privkey "data/pwncat" # Set the pwncat backdoor user and password set backdoor_user "pwncat" set backdoor_pass "pwncat" -set db "sqlite:///data/pwncat.sqlite" +set db "sqlite:///pwncat.sqlite" set on_load { # Run a command upon a stable connection diff --git a/data/gtfobins.json b/pwncat/data/gtfobins.json similarity index 100% rename from data/gtfobins.json rename to pwncat/data/gtfobins.json diff --git a/pwncat/privesc/sudo.py b/pwncat/privesc/sudo.py index f02af3b..abef91f 100644 --- a/pwncat/privesc/sudo.py +++ b/pwncat/privesc/sudo.py @@ -27,6 +27,7 @@ class Method(BaseMethod): b"[sudo]" in output or b"password for " in output or output.endswith(b"password: ") + or b"lecture" in output ): if current_user.password is None: pwncat.victim.client.send(CTRL_C) # break out of password prompt diff --git a/pwncat/remote/victim.py b/pwncat/remote/victim.py index 7fa48ba..55bbafb 100644 --- a/pwncat/remote/victim.py +++ b/pwncat/remote/victim.py @@ -9,6 +9,7 @@ import time from typing import Dict, Optional, IO, Any, List, Tuple, Iterator, Union import paramiko +import pkg_resources import requests from colorama import Fore from sqlalchemy.engine import Engine, create_engine @@ -122,7 +123,9 @@ class Victim: "nc": ["netcat", "ncat"], } # GTFObins manager for this host - self.gtfo: GTFOBins = GTFOBins("data/gtfobins.json", self.which) + self.gtfo: GTFOBins = GTFOBins( + pkg_resources.resource_filename("pwncat", "data/gtfobins.json"), self.which + ) # Whether the user has pressed the defined prefix self.has_prefix = False # Parser for local command input diff --git a/setup.py b/setup.py index fc6177c..464b2c2 100644 --- a/setup.py +++ b/setup.py @@ -33,7 +33,7 @@ setup( author="Caleb Stewart", url="https://gitlab.com/calebstewart/pwncat", packages=find_packages(), - package_data={}, + package_data={"pwncat": ["data/*"]}, entry_points={"console_scripts": ["pwncat=pwncat.__main__:main"]}, data_files=[], install_requires=dependencies,