remove pam insufficient perms

[CodeXTF2]

Default installation of CentOS 7, removing the pam module gives an insufficient permission error even though I am using a root shell.

(remote) root@localhost:/# 
[01:23:13] local terminal restored   
...    
(local) pwncat$ persist -r -m pam                                                                                                                   
[!] insufficient permissions

[CodeXTF2]

UPDATE : Fixed it.

Problem was it wasnt locating the pam modules folder correctly. Cant figure out why, but changing the find pam_deny.so command to the locate command worked. :)

[calebstewart]

The method of finding the pam folders was different between the removal and install routines. I believe this may have been caused by a botched merge. In any case, they are the same now and I tested installing and removing and it appears to be working from my end. Please re-open if you still have issues, and thanks for all the issues! Seriously, it's helpful to get outside perspective! 👍

[CodeXTF2]

Welcome! Yeah thanks for this, been using a slightly customized version of this project in my offensive toolkit recently :D Makes it so much easier to implement post exploitation modules. (Ive been kind of using the persist command as a way to run some post exploitation modules i made for specific situations xD) Yeah il add any issues I find (and hopefully fixes). Thanks for maintaining this nice tool so regularly :D

[calebstewart]

That's awesome! I'm glad it's getting used. If the routines you are trying to implement aren't persistence specifically, you can implement custom commands instead. You can look at some of the smaller/more basic commands for examples (e.g. sync or even upload and download. The API documentation for the commands interface is also over on readthedocs.

That will allow you to take parameters and stuff like a proper command, and it will be automatically syntax highlighted and tab completed for you 😁

[CodeXTF2]

ah, i might look into that! But I like having a prefix cuz im gna be making a bunch of modules and I dont wanna flood myself with commands. Right now i renamed the persist command to deploy so it makes more sense and I just have a bunch of modules so I can do stuff like

deploy -i -m modulename

Where some modules just have an empty remove section if they are a one way action e.g. clearing logs or spawning a reverse shell. How would I go about making a separate "run" or "use" command that takes in modules similar to persist?

[calebstewart]

Make a new issue to discuss this in more detail. Please reply there, since this issue is technically closed. Thanks 😅

#23