Gallopsled / pwntools

CTF framework and exploit development library
http://pwntools.com

Add `tube.upload_manually` to upload files in chunks #2410

Open peace-maker opened 1 month ago

peace-maker commented 1 month ago

Upload data in chunks when you have a tube connected to a shell. This is useful when doing kernel or qemu challenges where you can't use the ssh tube's file upload features.

Basically implements

from pwn import *
# io is a tube already attached to a shell prompt on the target (e.g. a qemu serial console)

exploit = read('./exploit')
for chunk in group(64, exploit):
    io.sendlineafter(b'$', f'echo {b64e(chunk)} | base64 -d >> ./exploit'.encode())
io.sendlineafter(b'$', b'chmod +x ./exploit && ./exploit')

# becomes
exploit = read('./exploit')
io.upload_manually(exploit, target_path='./exploit')
io.sendlineafter(b'$', b'./exploit')

with optional compression if the target supports it and nicer progress output.

WIP since it needs tests.

Fixes #2367
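The chunked base64 upload sketched above, written out here as a stand-alone added example (not the PR's code and not a pwntools API): it emits the shell lines the loop would send, adds the optional gzip step and a closing sha256sum so the caller can verify the transfer, and pairs them with a constructed mock of the target shell so the whole exchange runs offline. `build_upload_commands`, `simulate_target` and `upload_roundtrip` are names chosen for this example.

```python
import base64
import gzip
import hashlib
import shlex


def build_upload_commands(data, target_path, chunk_size=64, compress=False):
    """Shell lines that recreate `data` at `target_path`, one base64 chunk per
    command, as in the PR's loop. compress=True gzips the payload first and
    inflates it on the target (assumes gzip is available there)."""
    payload = gzip.compress(data) if compress else data
    path = shlex.quote(target_path)
    staged = path + ".gz" if compress else path
    cmds = [f"rm -f {staged}"]  # >> appends, so start from a clean file
    for i in range(0, len(payload), chunk_size):
        b64 = base64.b64encode(payload[i:i + chunk_size]).decode()
        cmds.append(f"echo {b64} | base64 -d >> {staged}")
    if compress:
        cmds.append(f"gzip -d -f {staged}")
    cmds.append(f"sha256sum {path}")  # lets the caller verify the upload
    return cmds


def simulate_target(cmds):
    """Constructed stand-in for the remote shell: understands only the command
    shapes emitted above and returns (files, output of the last command)."""
    files, out = {}, ""
    for cmd in cmds:
        argv = shlex.split(cmd)
        if argv[0] == "rm":
            files.pop(argv[2], None)
        elif argv[0] == "echo":  # echo <b64> | base64 -d >> <file>
            files[argv[-1]] = files.get(argv[-1], b"") + base64.b64decode(argv[1])
        elif argv[0] == "gzip":  # gzip -d -f <file>.gz  ->  <file>
            gz = argv[-1]
            files[gz[:-3]] = gzip.decompress(files.pop(gz))
        elif argv[0] == "sha256sum":
            out = hashlib.sha256(files[argv[1]]).hexdigest() + "  " + argv[1]
    return files, out


def upload_roundtrip(data, target_path="./exploit", compress=False):
    """Upload via the simulated shell and check the remote digest matches."""
    cmds = build_upload_commands(data, target_path, compress=compress)
    files, out = simulate_target(cmds)
    expected = hashlib.sha256(data).hexdigest()
    return files.get(target_path) == data and out.split()[0] == expected
```

Against a real tube, each line of `build_upload_commands` would go through `sendlineafter(prompt, ...)` and the `sha256sum` output would be compared with the local digest before running the binary.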

Arusekk commented 1 month ago

Have you heard about the fish:// protocol? It basically uses shell commands in order to navigate a filesystem. We could implement a subset of it for the generic tube. And we could also add tty escaping (like with the newline), adding ^V (termios lnext) before any special character.

Email from Thursday, 23 May 2024, from peace-maker:

-- Commit Summary --

  • Add tube.upload_manually

-- File Changes --

M pwnlib/tubes/tube.py (88)

-- Patch Links --

https://github.com/Gallopsled/pwntools/pull/2410.patch https://github.com/Gallopsled/pwntools/pull/2410.diff

-- Sent from my Sailfish device

peace-maker commented 1 month ago

Lol, no. We could, I guess, but maybe only taking inspiration from the shell commands it uses

https://github.com/MidnightCommander/mc/commit/3f42309a5d8a2b603f63140f7eddf666efbc838e

https://en.wikipedia.org/wiki/Files_transferred_over_shell_protocol