Git Product home page Git Product logo

Comments (7)

JusticeRage avatar JusticeRage commented on June 12, 2024

I've just tried using a docker CentOS image and the command worked fine.
One thing you can try is to use the !dbg command after you've logged into the machine. It will show you the currently expected command prompt, which in your example should be "$ ". if it's not, then the next command is likely to freeze.

Also, what OS are you using locally?

from ffm.

nbeguier avatar nbeguier commented on June 12, 2024

Locally, I'm using a debian unstable (buster/sid)
The command !dbg shows me my prompt ...

from ffm.

JusticeRage avatar JusticeRage commented on June 12, 2024

I'll try setting up a Debian unstable VM to try it out.
One last thing you can try is launch ffm.py with the --debug-input and/or --debug-output options to try and see if there is a problem with the data sent/received.

from ffm.

nbeguier avatar nbeguier commented on June 12, 2024

This is kind of the same result.
I have no output or input when I launch the !upload command.

$ ./ffm.py --debug-output --debug-input

███████╗███████╗███╗   ███╗   ██████╗ ██╗   ██╗
██╔════╝██╔════╝████╗ ████║   ██╔══██╗╚██╗ ██╔╝
█████╗  █████╗  ██╔████╔██║   ██████╔╝ ╚████╔╝ 
██╔══╝  ██╔══╝  ██║╚██╔╝██║   ██╔═══╝   ╚██╔╝  
██║     ██║     ██║ ╚═╝ ██║██╗██║        ██║   
╚═╝     ╚═╝     ╚═╝     ╚═╝╚═╝╚═╝        ╚═╝   

FFM enabled. Type !list to see available commands and exit to quit.
1B 5D 30 3B 6E 62 65 67 75 69 65 72 40 70 61 72 2D 50 46 30 54 31 35 59 4B 3A 20 7E 2F 77 6F 72 6B 73 70 61 63 65 2F 73 65 63 75 72 69 74 79 2F 46 46 4D 07 1B 5B 30 31 3B 33 32 6D 6E 62 65 67 75 69 65 72 40 70 61 72 2D 50 46 30 54 31 35 59 4B 1B 5B 30 30 6D 3A 5B 6D 61 73 74 65 72 5D 1B 5B 30 31 3B 33 34 6D 7E 2F 77 6F 72 6B 73 70 61 63 65 2F 73 65 63 75 72 69 74 79 2F 46 46 4D 1B 5B 30 30 6D 24 20 
$ 0D 
1B 5D 30 3B 6E 62 65 67 75 69 65 72 40 70 61 72 2D 50 46 30 54 31 35 59 4B 3A 20 7E 2F 77 6F 72 6B 73 70 61 63 65 2F 73 65 63 75 72 69 74 79 2F 46 46 4D 07 1B 5B 30 31 3B 33 32 6D 6E 62 65 67 75 69 65 72 40 70 61 72 2D 50 46 30 54 31 35 59 4B 1B 5B 30 30 6D 3A 5B 6D 61 73 74 65 72 5D 1B 5B 30 31 3B 33 34 6D 7E 2F 77 6F 72 6B 73 70 61 63 65 2F 73 65 63 75 72 69 74 79 2F 46 46 4D 1B 5B 30 30 6D 24 20 
$ 0D 
1B 5D 30 3B 6E 62 65 67 75 69 65 72 40 70 61 72 2D 50 46 30 54 31 35 59 4B 3A 20 7E 2F 77 6F 72 6B 73 70 61 63 65 2F 73 65 63 75 72 69 74 79 2F 46 46 4D 07 1B 5B 30 31 3B 33 32 6D 6E 62 65 67 75 69 65 72 40 70 61 72 2D 50 46 30 54 31 35 59 4B 1B 5B 30 30 6D 3A 5B 6D 61 73 74 65 72 5D 1B 5B 30 31 3B 33 34 6D 7E 2F 77 6F 72 6B 73 70 61 63 65 2F 73 65 63 75 72 69 74 79 2F 46 46 4D 1B 5B 30 30 6D 24 20 
$ 6E n63 c20  31 137 732 22E .31 138 82E .30 02E .32 220  37 737 737 737 720  21 !62 b79 y70 p61 a73 s73 s0D 
1B 5D 30 3B 6E 62 65 67 75 69 65 72 40 70 61 72 2D 50 46 30 54 31 35 59 4B 3A 20 7E 2F 77 6F 72 6B 73 70 61 63 65 2F 73 65 63 75 72 69 74 79 2F 46 46 4D 07 1B 5B 30 31 3B 33 32 6D 6E 62 65 67 75 69 65 72 40 70 61 72 2D 50 46 30 54 31 35 59 4B 1B 5B 30 30 6D 3A 5B 6D 61 73 74 65 72 5D 1B 5B 30 31 3B 33 34 6D 7E 2F 77 6F 72 6B 73 70 61 63 65 2F 73 65 63 75 72 69 74 79 2F 46 46 4D 1B 5B 30 30 6D 24 20 
$ nc 172.18.0.2 7777 !bypass0D 
0D 
0D 
0D 
0D 
21 !75 u70 p6C l6F o61 a64 d0D 
Usage: !upload [local file] [remote destination]
Received 1 argument(s), expected 3.
$ 0D 
0D 
0D 
0D 
21 !75 u70 p6C l6F o61 a64 d20  66 f66 f6D m2E .70 p79 y20  74 t65 e73 s74 t2E .70 p79 y0D 
<FREEZE>

from ffm.

JusticeRage avatar JusticeRage commented on June 12, 2024

Well I'm stumped. What terminal are you using? I'm running terminator, could that be it? I find it very unusual that your command prompt is a simple dollar sign with a standard Debian distribution.
Let's try displaying exactly what command is passed to the shell on your machine. Can you add this line:

write_str("echo \"%s\" |base64 -d |gunzip >> %s" % (b64.decode("ascii"), self.destination), LogLevel.ERROR)

...between lines 70 and 71 of upload_file.py? Also try running the same command manually, without the harness and see what happens.

from ffm.

0x27 avatar 0x27 commented on June 12, 2024

FWIW, the same thing occurs with the !py command in some cases (if the python script takes a few seconds to run it seems - for example, your nojail.py script with no arguments (so it detects IP from SSH env vars)).

from ffm.

JusticeRage avatar JusticeRage commented on June 12, 2024

The last commits have solved several harness freeze causes. Let me know if it improves the situation for any of you!

from ffm.

Related Issues (12)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.