- Fixed UTF-8 char conversion for Python3
- Fixed calculation for socket bytes sent
- Fixed shutdown handling for port scanner
- Fixed false positives for port scanner
- Fixed sending binary data from stdin
- Fixed self-inject mode if remote sends greetings or prefixes: #83
- Fixed remote command to respawn if it crashes due to bad user input
- Implemented signal handler to distribute shutdown signals across threads
- Feature:
--no-shutdownto copy the behaviour of OpenBSD netcat to keep stdin open after EOF - Feature:
--http - Feature:
send-on-eof - CI: Integration tests for inject shell
- CI: Integration tests for different file transfer modes
- Added artwork
- Changed behaviour to close after EOF on stdin (can be reverted via
--no-shutdown) - Added faster method to validate remote files in CNC mode
- Fixed freeze in raw mode: #81
- Install instructions for ArchLinux
- Feature: Rebind forever:
--rebind: #44 - Feature: Wait between rebind attempts:
--rebind-wait: #45 - Feature: Port hopping for rebinds:
--rebind-robin: #46 - Feature: Send initial ping
--ping-init: #48 - Feature: Zero-I/O mode (port scan)
--zero: #32 - Feature: Safeword:
--safe-word: #51 - Feature: Stateless UDP connect:
--udp-sconnectand--udp-sconnect-word: #79
- Re-organized command line arguments for better overview
- Feature: Be able to inject multiple reverse shells
--self-injectby specifying a port list (comma separated, range or increment): https://www.youtube.com/watch?v=VQyFoUG18WY
- port argument not only takes comma seperated value or range, but now also an increment:
443+10
- Feature: Be able to specify source address and port for clients: #66
- Feature: Dualstack IPv4 and IPv6 by default (use
-4or-6to use either of them alone) - Feature: Allow
addrpart in--localto be optional for consistency: #54 - Feature: Have a stateful connect phase for UDP
- CI: Run integration tests for any combination of IPv4, IPv6, TCP, UDP, specific bind and wildcard bind
- Ensure remote hostname is mandatory for
--local/-Lmode
- Feature: IP ToS selection (
-T/--tos) - Feature: Print socket options (
--info) for socket, IPv4, IPv6 and/or TCP
- CI: Fixed test frameworks for error checking
- Feature: IPv6 support (
-6)
- Changed
--rebindto allow omitting an argument for endless connect retries
- Added self-injecting unbreakable pwncat reverse shell
- Fixed broken pipe with
tail -F
- CI: Retry with different port on test failure
- Added feature: Made
PSEStoreinstance available to all PSE scripts to persist data, interacti with sockets, stop signal and logger - Added chat-bot PSE
- Added documentation for PSE API
- Feature: Client port hopping (
--reconn-robin): #43
- Feature: Adedd PSE: Pwncat Scripting Engine (
--script-sendand--script-recv): #62
- Fixed various bugs with
--reconn,--keep-open,--localand--remote - Fixed various bugs with threads
- Fixed shutdown behaviour with Ctrl+c for --keep-open
- Fixed shutdown behaviour with Ctrl+c for --reconn
- Feature: Custom ping word (
--ping-word): #49 - Python type coverage report
- CI: Added ca. 13,000 LoC integration tests and fixed findings accordingly
- CI: Added dockerized interactive tests to simulate Ctrl+c
- Code: really heavy heavy code refactoring
- Option:
-C/--crlfnow takes an argument to either force LF, CRLF or CR or even remove line feeds altogether on input AND output (or keep as it is, if not specified) - Modularized code for better plugin integration
- Fixes #47 Change
--udp-*options to--*to allow both, UDP and TCP
- CI: pylinyt
- CI: mypy
- Code: heavy refactoring
- CI: separate jobs
- API: switched from pdoc to pdoc3
- Feature: colorized logging (
-c/--color): #56
- Feature: implemented remote port forwarding mode:
-R/--remote
- Fixed
-L/--localmode to now persist multiple requests - Fixed
-C/--crlfOnly replace\nwith\r\nif\nexists and don't blindly add.
- Integration tests for
L/--localmode
- Plugin architecture has been heavily refactored to make it easier to add new plugins
- Improved logging
- Fixed
-n/--nodnsto actually not resolve DNS - Fixed various threading issues
- Check for unimplemented options
- Feature: Made socket receive non-blocking
- Feature: Made stdin non-blocking (except for Windows)
- Documentation: man page
- Documentation: updated readme and contribution guidelines
- CI: lots of integration tests for Linux, MacOS and Windows
- Changed daemon threads to non-daemon threads
- Use Python's
loggingmodule instead of self-written one - Usage options have changed drastically
- Changed
--reconnand--reconn-waitto keep open (-k/--keep)
- Removed
builtinsimport for cross-os base install compatibility
- Feature: Local port forward (
-L)
- Feature: UDP connect mode interval ping (
--udp-ping-intvl) for unbreakable UDP reverse shells
- Hardened Python 2/3 string compatibility
- Checking against mutually exclusive arguments
- Fix crash while checking for Mac newlines
\r
- Editorconfig
- Feature: Re-connect/Re-listen on connection abort (
--reconn) - Feature: Re-connect/Re-listen on connection abort (
--reconn-wait)
- Feature: Execute shell commands (
-e/--exec) - Feature: Skip DNS resolution (
-n/--nodns) - Documentation: API docs
- Renamed project from netcat to pwncat
- Feature: Listen
- Feature: Connect
- Feature: UDP mode
- Feature: Change linefeeds (LF vs CRLF)
- Feature: Verbosity