-
Notifications
You must be signed in to change notification settings - Fork 473
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
BIND shells do not return a prompt after remote connection #19
Comments
I could replicate. It seems to be due to this part of the code:
If there is latency, when we press enter to run powercat, the KeyUp event from pressing enter arrives after powercat is started. So the KeyUp event goes into the input stream, KeyAvailable returns True, and the first IF statement is executed. However the ReadKey in the second IF statement does not "IncludeKeyUp" and blocks the execution until a KeyDown is caught. |
I could replicate as well. |
... in a high latency environment. More details here: besimorhino#19.
I am experiencing this issue as well, the workaround works for me. |
I have this issue as well, but it doesn't seem to be specific to the up arrow. I can press any key and it loads the shell. I recorded this in a four second gif for you all to see: https://i.imgur.com/dApxP4Y.gif |
Replacing this with this (MSDN Uses something like this) or just Look at the way the craft the options in the MSDN examples. It doesn't look like calling comma separated strings is the correct nomenclature. EDIT: I'm pretty sure this is what's already been suggested but hopefully seeing it this way may help someone. https://docs.microsoft.com/en-us/dotnet/api/system.management.automation.host.pshostrawuserinterface?view=powershellsdk-7.0.0 |
Can someone else please validate? This seems to work... would like another verification. Thanks @lukebaggett !! |
Confirmed — I had the same symptom in the same circumstance, and applying the change in cb66833 resolved it. Thanks @besimorhino ! |
Had the same issues. I can confirm the mentioned patch working as well. |
Same problem, but if you just use "Arrow Up" in the Windows target the bind shell works(for example) |
... in a high latency environment. More details here: besimorhino#19.
Very glad you spotted this! At least I can get it to work with the workaround :D |
I am also having this problem. Can confirm hitting the up arrow as a workaround as well. |
I only appended the 'IncludeKeyUp' for TCP but can confirm it worked instantly first go. |
The bind shell
powercat -l -p 4444 -e cmd.exe
does not return a prompt until I pressUp Arrow
in the prompt running powercat.This may be due to latency involved with an OpenVPN/rdesktop set-up, but this latency would likely be involved in operational use. I did not attempt to recreate locally to see if latency was a factor.
Replication:
In PowerShell:
powercat -v -l -p 4444 -e cmd.exe
The prompt will report:
Listening on [0.0.0.0] (port 443)
On connecting device:
nc -nv 123.123.123.123 4444
After connecting, the connecting device displays:
(UNKNOWN) [123.123.123.123] 4444 (?) open
The bind device does not display the connection in the prompt, but the connection is visible in netstat.
In PowerShell Prompt:
<press up arrow>
The prompt will report
Connection from [123.123.123.123] port [tcp] accepted (source port 5555)
and proceed as normal.
The text was updated successfully, but these errors were encountered: