[BUG] C-d from remote prompt after connection closed causes uncaught exception #133
Comments
Firstly, I got into some other work causing delay in your tests. If you want to use it, here is the error.log for the output shown in the images below. I should have created another issue; instead I am presenting it here, since it is a fairly similar issue if not the same.
Steps to reproduce
Screenshots
Get a session and kill it from the other side
Interact with the invalidated session and return to the remote terminal
After a connection error, we should close the respective session if it is not closed and prevent the user from interacting with it.
This should also prevent the obnoxiously long 30-second timeout when a connection drops, which is something that I couldn't figure out how to fix before, so I'm happy it's gone. 🤣
Just did some more testing. There is still the other error you mentioned when trying to go back to the remote prompt after the shell dies. I'll work on that now.
Edit: Just pushed another commit that should take care of the context switch into the remote shell when a channel has disconnected prematurely.
Describe the bug
If you are connected to a victim, and the remote shell is killed, if you press C-d to exit the remote shell, an uncaught ChannelError is raised. The routine in Manager.interactive needs to be modified to catch these exceptions.
In most places, exceptions are caught, but there was some wiggle-room left during transition between states, which causes this problem.
Describe the target system
Any target will trigger this error if the remote shell/process is killed and the next input from the attacker is C-d.
Steps To Reproduce
Steps to reproduce the behavior:
1. socat TCP-LISTEN:4444,reuseaddr,fork EXEC:/bin/bash
2. pwncat W.X.Y.Z 4444
3. C-d to go to remote prompt
4. C-c to kill socat
5. C-d to return to pwncat prompt
This will cause the uncaught ChannelError, and exit pwncat completely. It's worth noting that if any other keys are pressed besides C-d, pwncat will recognize the channel has closed and continue correctly.
Expected behavior
Exception is caught just as if you pressed any other key.
Screenshots
Expected Solution
The problem is at lines 593-612 of manager.py:
The Exit interactive mode block should be within the try-block. Something like this:
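
An added sketch of the pattern discussed in this thread, not the issue author's proposed patch and not pwncat's actual manager.py: the exit-key transition sits inside the same try-block as ordinary key forwarding, and a session whose channel has failed is marked closed and refused afterwards. FakeChannel, Session, interactive, the return strings and the `stty sane` write are hypothetical stand-ins; only the ChannelError name comes from the issue.

```python
class ChannelError(Exception):
    """Stand-in for the error raised when the remote end has gone away."""

class FakeChannel:
    """Constructed test double for the connection to the remote shell."""
    def __init__(self):
        self.connected = True

    def send(self, data: bytes) -> None:
        if not self.connected:
            raise ChannelError("channel closed")

class Session:
    def __init__(self, channel):
        self.channel = channel
        self.alive = True

EXIT_KEY = b"\x04"  # C-d

def interactive(session, keys):
    """Forward keys to the remote shell; return the reason the loop ended."""
    if not session.alive:
        return "session-closed"      # never interact with a dead session
    try:
        for key in keys:
            if key == EXIT_KEY:
                # Exit-interactive transition. Assumption: restoring the
                # remote terminal writes to the channel, so it can raise too.
                session.channel.send(b"stty sane\n")
                return "local-prompt"
            session.channel.send(key)
        return "eof"
    except ChannelError:
        # Same handling whichever key was pressed: mark the session closed
        # and fall back to the local prompt instead of crashing.
        session.alive = False
        return "channel-closed"
```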