Conflict between platypus and various shell exit commands

Question

Conflict between platypus and various shell exit commands

laluka opened this issue 3 years ago · 10 comments

Description

I've been in a context where I need to exit a shell that has been spawned (let's say shell > pty > mysql), but not go back to platypus itself.
In this context, typing exit will quit the (platypus) interactive mode, yet not exit mysql.
Spawning a new pty (reset attempt) on this session will feed the "pty creation commands" to mysql instead of bash, making this session unusable / bricked.

It would be nice to have platypus exit command binded to something unused, like platyquit, exitplatypus or even goback.
Or maybe add an easy way to rename platypus commands in confirguration, like

cmdalias:
  exit: platyquit
  list: ls

Thanks so much for this awesome tool/C2, it's 🔥 ! 💟

Answer 1 · 2021-05-02T04:40:35.000Z

Good idea! I will fix it later today.

Answer 2 · 2021-05-02T07:13:20.000Z

A more graceful option is to use the Upgrade [Termite IP] [Termite Port] command (eg: Upgrade 1.3.3.7 13337) to upgrade the current plain reverse shell session to a encrypted session. Just like the gif of the Upgrade a reverse shell to an encrypted channel (Termite) section in README.md. In that encrypted session, you can spawn as many as you want shells. Also, the exit issue you mentioned in this issue will be gone.

Unfortunately, this Upgrade command only supports Linux-amd64 currently. More operating systems will be supported soon. Maybe in the next release.

Answer 3 · 2021-05-02T07:14:01.000Z

To pick up this hot fix, you can just clone this repo, and then run make.
finally, you can get platypus at the ./build folder.

Answer 4 · 2021-05-02T07:20:18.000Z

Notice, if you use the older version of platypus, the config file config.yml may be incompatible with the latest version. To fix this issue, just backup your old config file, then delete it, then rerun platypus to generate the latest config file.

Answer 5 · 2021-05-02T09:29:30.000Z

v1.4.2 released with some new features for termite and platypus.

1. Enable termite run as daemon mode
2. Termite will automatically be removed by itself
3. Add random delay to termite to reduce the stress of platypus when
there are a lot of termites
4. Improve the user experience
	1. Exit plain reverse shell in PTY mode via `platyexit`
5. Add `Upgrade` meta-command in CLI mode

Feel free to check it out and leave some feedbacks~ Thank you, bro!

Answer 6 · 2021-05-02T16:12:05.000Z

Nice improvements ! :)
Yet it doesn't really solve the issue.. 😢

Using "exit" still quits platypus instead of the shell. Using "platyquit" also quits, but if one need to exit a mysql shell, one need to use "exit" without it quiting platypus..
Would it be possible to have only platyquit as the quit command and leave the "exit" without conflicts ?

I tried playing with Upgrade too, but with some touble.. A few ideas of improvement :
While using the list command, add the session type, like "termite" or "pty" or "simple shell" to know their type and be able to diferentiate them.

Also, I thought I had upgraded, but it wasn't really done. It would be nice to either have a --version flag on platypus, or have it display both version and config file location on start :)

As always, good work, fast answer, just neat ! 🌷

Answer 7 · 2021-05-02T17:40:47.000Z

Could you please provide a demo of platypus not working on platyquit.
It seems everything works fine in my tests.

By the way, the Upgrade command only works on the reverse shell which is not in the pty mode. For robustness, you can execute Upgrade once the shell connected. Then interact with the upgraded termite session instead of the plain reverse shell.
The encrypted termite session is more robust, and easy to use, and does not have the exiting issues anymore (You can spawn as many as interactive shells you want).

Answer 8 · 2021-05-02T17:54:20.000Z

Oh, okey, well I wasn't in the upgraded shell then.. All good now ! :)
And platypus does work well with platyquit, what I meant is that in a regular shell, typing exit will exit platypus and not mysql.
But again, this isn't the case in an upgraded shell, it works as expected

It stil would be (i think) better to have the exit command not overrided in a regular (not upgraded) shell, and have only platyquit

Thanks for the gif, it made things clearer ! :)

Answer 9 · 2021-05-02T17:54:36.000Z

I tried playing with Upgrade too, but with some trouble. A few ideas of improvement :
While using the list command, add the session type, like "termite" or "pty" or "simple shell" to know their type and be able to differentiate them.

I recommend you to use a web interface, it is more convenient and direct viewing.
For example:

Answer 10 · 2021-05-02T17:56:08.000Z

Yeah, but having the cli part working smoothly is also a good thing.. (Weird setups, headless, etc)