David Davidson

Results 17 comments of David Davidson

FWIW, the same thing occurs with the !py command in some cases (if the python script takes a few seconds to run it seems - for example, your nojail.py script...

Of interest here might be some of the work done by Tim from Portcullis, just gonna leave some links below. https://labs.portcullis.co.uk/presentations/where-2-worlds-collide-bringing-mimikatz-et-al-to-unix/ https://labs.portcullis.co.uk/blog/an-offensive-introduction-to-active-directory-on-unix/ https://github.com/portcullislabs/linikatz

We could do this with the HTTP_PROXY/HTTPS_PROXY/FTP_PROXY environmental variables, would just have to double check that all the downloaders we support will consistently respect these. Might be a good idea...

@Viss - for the reverse port forward, running something like 3proxy or another SOCKS proxy on localhost (on the "attacking host"), and doing something like "ssh -R 1337:127.0.0.1:1337 -l root...

Just going to add this here, but an OPSEC note for if you are forwarding remote ports back to local ports to do proxying (and acting as a gateway). If...

I had some issues using netcat (from the command injection) to stage binaries (it was writing the first 1kb and then exiting), and it seemed to me that using echo...

I'll run a few, uh, tests and see if it's worthwhile. I've seen some pretty weird stuff when enumerating using passivetotal on occasion though.

TL;DR: yes, it is. Got this working with a Python/ctypes implementation, just need to port it over at some point. You do the following: 1. Create memfd, put hook.so data...

To be honest, the single-proxy-container setup to do transparent proxying for the VPN containers is probably the best option for performance, the only reason I was thinking of using a...

Going to actually test this on a live Wordpress instance later today, and see how it goes. The following is interesting/useful for auto-bulk-installing large numbers of plugins to an instance,...