pwncat is a command and control framework that turns a basic reverse or bind shell into a fully-featured exploitation platform. This is somewhat similar to netcat. We can use this tool to get the reverse shell from the victim's machine.
A reverse shell is a shell session established on a connection that is initiated from a remote machine, not from the localhost.
A bind shell is a type of shell in which the target machine opens up a communication port or a listener on the victim machine and waits for an incoming connection.
Netcat is a very good tool to receive connections and enumerate further but there are some drawbacks. To bind a stabilize the shell in netcat works well. However, the added steps to get a reverse shell are repetitive after a while. There is also the danger of losing your remote shell by accidentally pressing “C-c” prior to gaining raw access is high.
Pwncat rectified the problem by running a script on the target machine which contains all the commands soon after the connection is established. It gives a terminal that has more features and is not easily breakable. It has a huge number of features, rather than running a script on the target machine to get an unbreakable and fully functional shell.
Some of the important features of pwncat:
- Utilize your connection for the enumeration of the target machine.
- File upload/download.
- Automatic persistence installation.
- Automated privilege escalation.
Installation
- Clone the repository - https://github.com/calebstewart/pwncat.
- Redirect to the repository.
- It is recommended to use a virtual environment. However, this can be done easily with the Python3 venv module:
- If pip is not installed, you can install pwncat with the provided setup scripts:
- To verify installation run pwncat --help.
No comments:
Post a Comment