Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Questions about v0.9.2 #13

Closed
robertstrom opened this issue Dec 18, 2022 · 1 comment
Closed

Questions about v0.9.2 #13

robertstrom opened this issue Dec 18, 2022 · 1 comment
Labels
question Further information is requested

Comments

@robertstrom
Copy link

robertstrom commented Dec 18, 2022
edited

Hello, I'm about to pull down v0.9.2 and was wondering if you could elaborate on what these two statements translate to.

  • Removed Unix 'advanced' shell support
  • Removed PTY Windows shell support temporarily

I'm particularly interested in the Windows shell support. Does this mean that using v0.9.2 of penelope no longer supports any Windows reverse shells, or no longer supports some subset of Windows reverse shells?

What does the removal of Unix 'advanced' shell support mean as far as reduced functionality?

Thanks again for an excellent tool!! Very glad to see some development updates.
@brightio
Copy link
Owner

Hi @robertstrom!

Removed Unix 'advanced' shell support

TL;DR: Just ignore it. You will not loose anything.

Before, if python does not exist in the target, I was able to make an 'Advanced' shell if bash exist on the target. As you can see with "help upgrade" from the old Main Menu:
Screenshot from 2022-12-19 09-33-43

This mode was better than a basic (netcat) shell but still limited. Furthermore, when I started testing it with old Linux versions like the Centos you had mentioned in previous issues, I realized it is not working on every Linux version. So I removed it because it perplexed the code uneccessarily.

With the new version, if python does not exist, I use the script command as @darrenmartyn suggested, and if script does not exist I give the option to the user to automatically download and use the socat binary. If you want to test this yourself, please check my last comment on issue #1.

Removed PTY Windows shell support temporarily

TL;DR: Before you could use the https://github.com/antonioCoco/ConPtyShell to get a PTY shell on Penelope, now (until the next version) you cannot.

As stated in the README, currently there is only basic support for Windows shells (netcat-like interaction + logging) and the rest of the features (download, upload etc.) are under way.

Before, you could get a Windows PTY shell if you run the https://github.com/antonioCoco/ConPtyShell script from the target manually. Now this is not possible due to heavy changes I made in the code (to improve the PTY functionality on Linux) that affected this part. In the future, the PTY upgrade of Windows shells will be done automatically. However I am thinking complete all the Linux parts first by implementing socks & http proxy and port forwarding, and then move to Windows part.

For further information about the new version, please check my last comments on your issues #11 and #12.

Again thank you so much for the support and your kind words! This gives me the energy to continue developing this tool.

@brightio brightio added the question Further information is requested label Jan 18, 2023
@brightio brightio closed this as completed May 4, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@robertstrom @brightio