First I would like to say pwncat looks awesome and although I am unable to test it now, I would like to in the future.
Next, reading through your plans for the future to kind of turn pwncat into a Swiss Army knife, I had a few thoughts and questions:
More privilege escalation methods (sudo -u#-1 CVE, LXD containers, etc.)
Persistence methods (bind shell, cronjobs, SSH access, PAM abuse, etc.)
As you probably know, these are generic functions built into Kali and there are Python rewrites of some of the code to the Metasploit framework. Maybe their code could be helpful here? EDIT: After further reading through the documentation, I am seeing several Metasploit-isms. Please disregard this suggestion as it would appear you're already doing this.
Aggression methods (spam randomness to terminals, flush firewall, etc.)
Have you looked at Atomic Red Team's product(s)? Specifically https://sysdig.com/blog/atomic-red-team-falco/
One of the features of this tool is to generate traffic based on MITRE ATT&CK techniques; perhaps aspects of this project could help guide the design of features?
Network methods (port forward, internet access through host, etc.)
Since you already have SSH-like functionality built into pwncat, would it be a big lift to import SSH's port forwarding/proxy/etc capabilities?