calebstewart / pwncat

Fancy reverse and bind shell handler
https://pwncat.readthedocs.io
MIT License

[BUG] reverse shell to pwncat #63

Closed PierreMandrou closed 3 years ago

PierreMandrou commented 4 years ago

Hi, first I want to say thx for sharing this amazing tool with the community.

Describe the bug I'm trying to get a reverse on jack machine on Try Hack Me platform. The problem is that when I bound pwncat to any port and send reverse from target it's stuck at 85.7%.

Describe the target system Jack from HackTheBox

Linux jack 4.4.0-142-generic #168-Ubuntu SMP Wed Jan 16 21:00:45 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

To Reproduce Steps to reproduce the behavior: send from jack user a shell to pwncat listener

Expected behavior Getting a pwncat shell

Screenshots image

Best Regards,

Pierre

PierreMandrou commented 4 years ago

Got another error when I try a bash reverse too: image

calebstewart commented 4 years ago

Regarding the initial problem, I can't reproduce it on my end, oddly. I just tried the same box with TryHackMe, and it went pretty smoothly. I used WordPress to get a reverse shell as www-data and caught it with pwncat -lp 4444. Then, I was able to get the private key for jack, and used pwncat -i id_rsa jack@jack.thm and was able to get a pwncat session via SSH as well.

To do a 1-for-1 comparison, I also tried to open a reverse shell as jack from a standard shell, and it appeared to work just fine:

image

Does this happen consistently for you?

calebstewart commented 4 years ago

My best guess is that the two problems are related. It seems like you might have an unstable connection, and the connection was being reset for some reason. If that happened while initializing the pwncat session, it would likely hang. In the second case, the exception should have been caught and presented in a better way, which I can fix.

Hanging during initialization may be able to be fixed, but it wouldn't fix the connection resetting problem. I think pwncat is currently retrying when errors happen on the socket during initialization, which would cause the hanging behavior you saw. I'll look into it in the morning.

trevorbryant commented 3 years ago

@PierreMandrou, are you still experiencing any funky behavior? There were modifications to how pwncat handles connections with stability improvements a few releases back.

trevorbryant commented 3 years ago

@PierreMandrou, I'm closing this issue while it has gone stale. Feel free to re-open when needed.