Releases: antonioCoco/ConPtyShell

ConPtyShell 1.5

17 Mar 23:01
f5c00d4

Changes

  • Major change to the "Upgrade" function so that it also supports hijacking of non-overlapped sockets. 🎉
    This is implemented by setting the socket to non-blocking mode through the socket ioctl code FIONBIO. Additional code was added to handle WSAEWOULDBLOCK errors and to manage asynchronous operations in different threads with WSAEventSelect().
  • Buffer sizes for stdin/stdout/stderr operations changed from 256 bytes to 8192 bytes. This makes the shell's interactivity smoother.

Bugfixes

  • Fixed a handle leak bug in socket handles;
  • Fixed a handle leak bug in duplicated socket handles;
  • Fixed a bug in handle enumeration that caused memory violation exceptions.

ConPtyShell 1.4

20 Jun 14:35
4b1be3c

Added

  • The "upgrade" function now supports hijacking a socket even in processes that have multiple \Device\Afd objects (that is, multiple associated sockets). This fixes bugs when you use Invoke-WebRequest with PowerShell: ConPtyShell is now able to select the proper socket. It calls WSAIoctl() with the control code SIO_TCP_INFO and checks the socket state.
  • Added a check in the "upgrade" function to detect (and skip) non-overlapped sockets, which are not compatible with the ConPty console I/O management. It calls NtDeviceIoControlFile() with the IOCTL IOCTL_AFD_GET_CONTEXT to retrieve a SOCKET_CONTEXT object, whose SharedData contains the CreationFlags, and checks that the WSA_FLAG_OVERLAPPED bit is set.

Changes

  • Changed the "upgrade" logic of the function GetSocketTargetProcess() to support retrieving all sockets from the target process. The function is now named GetSocketsTargetProcess().
  • Changed the socket hijacking logic in the "upgrade" function. It now tries to hijack the sockets of the processes based on 3 levels of hierarchy in the following order: 1. current process -> 2. parent process -> 3. grandparent process.

Bugfixes

  • Fixed a bug for zsh users
  • Fixed a bug in the "upgrade" for the type index of the object type "File". Changed from the static value 0x25 to dynamically retrieving the value on the running system with the call NtQuerySystemInformation and infoclass ObjectAllTypesInformation. Thanks to @tiraniddo and @0xrepnz for the advice and implementation.
  • Fixed a bug in the "upgrade" when converting an IntPtr to a SYSTEM_HANDLE_TABLE_ENTRY_INFO object that made the program crash. Now managed with a try-catch block.
  • Fixed a bug in the "upgrade" while checking socket inheritance between child -> parent -> grandparent processes. Now the sockets are correctly duplicated.
  • Fixed a memory leak in the "upgrade" in the ThreadCheckDeadlock() function.
  • Fixed a bug in the "upgrade" while reordering multiple sockets. Now using bytes received as the key for sorting instead of handle numbers. This fixed bugs in which ConPtyShell hijacked the wrong socket used by PowerShell when invoking Invoke-WebRequest.

ConPtyShell 1.3

02 Mar 23:52
d2d74a6

Added

  • Added a magic flag "upgrade" that allows upgrading the current shell to a fully interactive shell. It uses the socket hijacking technique to catch the socket used by the shell, enhancing it with the ConPty.

Changes

  • Changed the usage of the sockets, going from C# sockets to native Winsock

ConPtyShell 1.2

15 Mar 02:20

Added

  • Compatibility for .NET 2.0

Bugfixes

  • Fixed bug for x86 Windows - #2
  • Fixed bug "Could not get console mode" when the caller process does not have an associated console

ConPtyShell 1.1

28 Nov 13:00
2bedd3e

Added

  • Automatic detection of ConPTY availability.
  • Fallback to a normal interactive shell if ConPTY is not available

Bugfixes

  • Adjusted buffer size that printed some bad chars in some cases

ConPtyShell version 1.0 released

16 Sep 15:09

ConPtyShell version 1.0 released