Pwncat as a Service

Is your feature request related to a problem? Please describe. I’d love to be able to set up a listener that’s always running in the background and connect to the program once a connection has come in. At the same time I’d like to be able to run that same program on a VPS and connect to the remote listener service, like a proxy for reverse shells or some sort of C2 service.

This could be a great help while doing CTF games.

Maybe it could even give me a notification of a connection through the WM.

Describe the solution you’d like I’d like to run a service on my PC and server that looks at a config file for ports to listen on. Then after a connection has come in it will be able to do some automated tasks if configured and it will just sit there until I connect to the session.

Idea for config file:

# pwncat service config
authentication:
    - westar:helloworld
hosts:
    - 2001:db8:85a3:8d3:1319:8a2e:370:7348
    - 1.1.1.1
ports:
    - 4444
    - 4242
    - 1234
automation:
    windows:
        - persist
    linux:
        - escalate
        - persist

Then I could connect to the service with pwncat pwncat://westar:helloworld@1.1.1.1, or I could set up the server as a default in a configuration file.

An important note is that it would always use the local environment for files and modules. If I upload linpeas.sh, it should pick it up from my local machine, pass it through the VPS/service and then upload it to the target.

Describe alternatives you’ve considered Ngrok could help with this, but it has its reliability issues and it wouldn’t give the always-on feature.

Additional context I’d love to work on this, but I want to hear your opinion on this before I start.

Issue Analytics

  • State: closed
  • Created 2 years ago
  • Comments: 7 (6 by maintainers)

Top GitHub Comments

1 reaction
calebstewart commented, Jun 19, 2021

I’m going to close this issue. I don’t believe this is something to be implemented in the core pwncat functionality, but as another package which can depend on pwncat and use it. If you’d like to use the discussions board to continue talking about this, I’m totally open to that. I’m just trying to keep the issue list clean for my own sanity 😃

0 reactions
trevorbryant commented, Jun 9, 2021

I’m adding this as an item to the [project board](https://github.com/calebstewart/pwncat/projects/1) so this stays tracked.

@WesVleuten if/when you have some PRs coming, feel free to link back to this issue.
