penelope icon indicating copy to clipboard operation
penelope copied to clipboard

Published 20 hours ago verified publisher icon brightio

Use "script /dev/null" instead of relying on Python for PTY upgrade

Open darrenmartyn opened this issue 3 years ago • 3 comments

The shell command "script /dev/null" (and some variations) work without spawning a Python process to launch a PTY shell.

I'd recommend doing this before trying to do the better known Python method, as it is more reliable.

darrenmartyn avatar Sep 07 '21 17:09 darrenmartyn

Thank you very much for the suggestion @darrenmartyn! I will try this for a while to see how it will go.

brightio avatar Oct 02 '21 14:10 brightio

@darrenmartyn, I tried the script method and while the shell works, some menu commands like the 'upload' have unexpected behaviour. Once I resolve that, I am thinking to put script as an alternative method if python does not exist. Could you please define the "more reliable" so to determine if it is better to precede the python method? Thank you

brightio avatar Jan 07 '22 18:01 brightio

"More reliable" in that it works on systems that don't have a working python installation (or any python installation at all), such as embedded devices, etc.

It also doesn't leave a python process hanging in the process tree - it simply spawns a new shell with stuff fixed up to be a PTY.

darrenmartyn avatar Jan 08 '22 21:01 darrenmartyn

Hi @darrenmartyn,

I put the method you suggested as an alternative to python. More specifically this is the order now: python3, python, script, socat

The reason I put the python first is that it enabled me to implement seamless interaction with the target regarding PTY resize, download/upload etc, in the same TCP socket.

The main parts of code that are responsible for this are: https://github.com/brightio/penelope/blob/74f648caef78455169c785a6165263f964727828/penelope.py#L2641 https://github.com/brightio/penelope/blob/74f648caef78455169c785a6165263f964727828/penelope.py#L2512

Also I have taken care of this:

It also doesn't leave a python process hanging in the process tree

Normally now you will not see any python process hanging after termination of the shell.

You can test the new alternative methods by simulating binary absense on the target:

  1. To test script: ./penelope.py -N python3,python
  2. To test socat: ./penelope.py -N python3,python,script

Thank you very much for this!

brightio avatar Oct 07 '22 09:10 brightio