pwncat is a command and control framework that turns a basic reverse or bind shell into a fully-featured exploitation platform.
Uploading Files
Transferring a file from our host machine to the victim machine is usually
tedious. It involves hosting a Python HTTP server and then using a tool
like wget on Linux to download the file.
pwncat handles all of these steps for you. You do not need to host an
HTTP server with Python or use wget to fetch the file. You can simply
upload the file with
upload filename
In CTF competitions, we often need to upload winpeas or
linpeas for privilege escalation, so pwncat saves you a lot of time
when transferring files.
Uploading File Example
In the attached picture, the /etc/hosts file is uploaded from the host
machine to /tmp/hosts on the victim machine.
Downloading Files
Downloading files is also easy in pwncat. You can download a file
from the victim machine to the host machine, which is useful when you
want to edit the file on your host machine.
To edit a file in order to escalate privileges, the attacker downloads the
file, edits it and uploads it back. For example, you find a cron job executing
every minute and the file is owned by the root user. Your current user has
edit privileges, so you can download the file to your machine and edit
it with ease using pwncat.
Editing on a remote machine is usually tough. pwncat lets you
download the file, then reupload the edited file and set up a
listener so that you get a reverse shell when the cron job executes
again.
Downloading File Example
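A defender's check for the misconfiguration described above, a cron job run as root whose script an unprivileged user can edit. This is an added example, not part of the original post or of pwncat. It assumes /etc/crontab-style lines with a user field and inspects mode bits only, not ACLs; the function names are hypothetical.

```python
import os
import stat
import tempfile

def root_cron_targets(crontab_text):
    """Absolute paths that /etc/crontab-style text runs as root."""
    targets = []
    for line in crontab_text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        # "@reboot root cmd" has one schedule field; normal entries have five.
        skip = 1 if fields[0].startswith("@") else 5
        if len(fields) < skip + 2 or fields[skip] != "root":
            continue  # variable assignments and other users' jobs
        targets += [f for f in fields[skip + 1:]
                    if f.startswith("/") and not f.startswith("/dev/")]
    return targets

def weak_permissions(path, trusted_uid=0):
    """Reasons a user other than trusted_uid could change what path runs."""
    reasons = []
    for target in (path, os.path.dirname(path)):
        try:
            st = os.stat(target)
        except OSError:
            continue  # missing target: nothing to inspect
        if st.st_uid != trusted_uid:
            reasons.append(f"{target}: owned by uid {st.st_uid}")
        # A sticky directory (like /tmp) stops users replacing others' files.
        sticky_dir = stat.S_ISDIR(st.st_mode) and st.st_mode & stat.S_ISVTX
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH) and not sticky_dir:
            reasons.append(f"{target}: group- or world-writable")
    return reasons

def audit(crontab_text, trusted_uid=0):
    """Map each root-run path to its findings; clean paths are omitted."""
    report = {p: weak_permissions(p, trusted_uid)
              for p in root_cron_targets(crontab_text)}
    return {p: r for p, r in report.items() if r}

if __name__ == "__main__":
    # Constructed sample: a temp script stands in for a root cron target.
    script = os.path.join(tempfile.mkdtemp(), "backup.sh")
    open(script, "w").close()
    os.chmod(script, 0o757)  # the weak setting: writable by "other"
    sample = f"* * * * * root {script}\n"
    print(audit(sample, trusted_uid=os.getuid()))
```

On a real host, pass the contents of /etc/crontab and the files under /etc/cron.d with the default trusted_uid of 0; removing group and other write permission from each reported path closes the gap.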
We hope this helps. If you have any suggestions or doubts, add a comment and we
will reply as soon as possible.