- Fixed UTF-8 char conversion for Python3
- Fixed calculation for socket bytes sent
- Fixed shutdown handling for port scanner
- Fixed false positives for port scanner
- Fixed sending binary data from stdin
- Fixed self-inject mode if remote sends greetings or prefixes: #83
- Fixed remote command to respawn if it crashes due to bad user input
- Implemented signal handler to distribute shutdown signals across threads
- Feature: `--no-shutdown` to copy the behaviour of OpenBSD netcat to keep stdin open after EOF
- Feature: `--http`
- Feature: `send-on-eof`
- CI: Integration tests for inject shell
- CI: Integration tests for different file transfer modes
- Added artwork
- Changed behaviour to close after EOF on stdin (can be reverted via `--no-shutdown`)
- Added faster method to validate remote files in CNC mode
- Fixed freeze in raw mode: #81
- Install instructions for ArchLinux
- Feature: Rebind forever: `--rebind`: #44
- Feature: Wait between rebind attempts: `--rebind-wait`: #45
- Feature: Port hopping for rebinds: `--rebind-robin`: #46
- Feature: Send initial ping `--ping-init`: #48
- Feature: Zero-I/O mode (port scan) `--zero`: #32
- Feature: Safeword: `--safe-word`: #51
- Feature: Stateless UDP connect: `--udp-sconnect` and `--udp-sconnect-word`: #79
- Re-organized command line arguments for better overview
- Feature: Be able to inject multiple reverse shells `--self-inject` by specifying a port list (comma separated, range or increment): https://www.youtube.com/watch?v=VQyFoUG18WY
- Port argument not only takes comma separated value or range, but now also an increment: `443+10`
- Feature: Be able to specify source address and port for clients: #66
- Feature: Dualstack IPv4 and IPv6 by default (use `-4` or `-6` to use either of them alone)
- Feature: Allow `addr` part in `--local` to be optional for consistency: #54
- Feature: Have a stateful connect phase for UDP
- CI: Run integration tests for any combination of IPv4, IPv6, TCP, UDP, specific bind and wildcard bind
- Ensure remote hostname is mandatory for `--local`/`-L` mode
- Feature: IP ToS selection (`-T`/`--tos`)
- Feature: Print socket options (`--info`) for socket, IPv4, IPv6 and/or TCP
- CI: Fixed test frameworks for error checking
- Feature: IPv6 support (`-6`)
- Changed `--rebind` to allow omitting an argument for endless connect retries
- Added self-injecting unbreakable pwncat reverse shell
- Fixed broken pipe with `tail -F`
- CI: Retry with different port on test failure
- Added feature: Made `PSEStore` instance available to all PSE scripts to persist data, interact with sockets, stop signal and logger
- Added chat-bot PSE
- Added documentation for PSE API
- Feature: Client port hopping (`--reconn-robin`): #43
- Feature: Added PSE: Pwncat Scripting Engine (`--script-send` and `--script-recv`): #62
- Fixed various bugs with `--reconn`, `--keep-open`, `--local` and `--remote`
- Fixed various bugs with threads
- Fixed shutdown behaviour with Ctrl+c for --keep-open
- Fixed shutdown behaviour with Ctrl+c for --reconn
- Feature: Custom ping word (`--ping-word`): #49
- Python type coverage report
- CI: Added ca. 13,000 LoC integration tests and fixed findings accordingly
- CI: Added dockerized interactive tests to simulate Ctrl+c
- Code: really heavy heavy code refactoring
- Option: `-C`/`--crlf` now takes an argument to either force LF, CRLF or CR or even remove line feeds altogether on input AND output (or keep as it is, if not specified)
- Modularized code for better plugin integration
- Fixes #47 Change `--udp-*` options to `--*` to allow both, UDP and TCP
- CI: pylint
- CI: mypy
- Code: heavy refactoring
- CI: separate jobs
- API: switched from pdoc to pdoc3
- Feature: colorized logging (`-c`/`--color`): #56
- Feature: implemented remote port forwarding mode: `-R`/`--remote`
- Fixed `-L`/`--local` mode to now persist multiple requests
- Fixed `-C`/`--crlf`: Only replace `\n` with `\r\n` if `\n` exists and don't blindly add.
- Integration tests for `-L`/`--local` mode
- Plugin architecture has been heavily refactored to make it easier to add new plugins
- Improved logging
- Fixed `-n`/`--nodns` to actually not resolve DNS
- Fixed various threading issues
- Check for unimplemented options
- Feature: Made socket receive non-blocking
- Feature: Made stdin non-blocking (except for Windows)
- Documentation: man page
- Documentation: updated readme and contribution guidelines
- CI: lots of integration tests for Linux, MacOS and Windows
- Changed daemon threads to non-daemon threads
- Use Python's `logging` module instead of self-written one
- Usage options have changed drastically
- Changed `--reconn` and `--reconn-wait` to keep open (`-k`/`--keep`)
- Removed `builtins` import for cross-os base install compatibility
- Feature: Local port forward (`-L`)
- Feature: UDP connect mode interval ping (`--udp-ping-intvl`) for unbreakable UDP reverse shells
- Hardened Python 2/3 string compatibility
- Checking against mutually exclusive arguments
- Fix crash while checking for Mac newlines `\r`
- Editorconfig
- Feature: Re-connect/Re-listen on connection abort (`--reconn`)
- Feature: Re-connect/Re-listen on connection abort (`--reconn-wait`)
- Feature: Execute shell commands (`-e/--exec`)
- Feature: Skip DNS resolution (`-n/--nodns`)
- Documentation: API docs
- Renamed project from netcat to pwncat
- Feature: Listen
- Feature: Connect
- Feature: UDP mode
- Feature: Change linefeeds (LF vs CRLF)
- Feature: Verbosity