From c75cb544d8f2bb7797290c54be451d8ad565b5f6 Mon Sep 17 00:00:00 2001
From: shiblisec
Date: Tue, 20 Dec 2022 17:33:01 +0530
Subject: [PATCH 1/3] Added custom buffer size flag
---
 jsh.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/jsh.py b/jsh.py
index e0b7162..3095974 100644
--- a/jsh.py
+++ b/jsh.py
@@ -36,7 +36,7 @@
 parser.add_argument('-c', help='command to execute after get the shell', dest='command', default=str())
 parser.add_argument('-w', help='timeout for shell connection', dest='secs', type=float, default=0)
 parser.add_argument('-q', help='quiet mode', dest='quiet', action='store_true')
-
+parser.add_argument('-b', help='buffer size (default:1024)', dest='buffer', default=1024)
 args = parser.parse_args()
@@ -45,6 +45,7 @@
 gene = args.gene
 cmd = args.command
 secs = args.secs
+buffersize = args.buffer
 try:
 port = int(format(args.port))
@@ -174,7 +175,7 @@ def main():
 try:
 c, addr = s.accept()
- resp = c.recv(1024).decode()
+ resp = c.recv(int(buffersize)).decode()
 except KeyboardInterrupt:
 if sys.platform == 'win32':
 print('\nControl-C')
From 302c5699b8414b202b3f4fabfeb9da85ce0f2d24 Mon Sep 17 00:00:00 2001
From: Pham Sy Minh <59408894+shelld3v@users.noreply.github.com>
Date: Tue, 20 Dec 2022 21:02:00 +0700
Subject: [PATCH 2/3] Better fix
---
 jsh.py | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/jsh.py b/jsh.py
index 3095974..0111d95 100644
--- a/jsh.py
+++ b/jsh.py
@@ -1,9 +1,10 @@
 #!/usr/bin/env python3
 import socket
 import sys
-from requests import get
 import argparse
+from requests import get
+
 red = '\033[1;31m'
 white = '\033[1;m'
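Review bot: In patch 1/3 the `-b` option is declared without a type, so `args.buffer` stays a string until `int(buffersize)` runs inside the `try` in `main()` (third hunk), and nothing rejects zero, negative or non-numeric values. Converting and validating at parse time keeps a bad flag from surfacing as an exception on the socket path: `parser.add_argument('-b', help='buffer size (default:1024)', dest='buffer', type=int, default=1024)` followed by `if args.buffer < 1: parser.error('buffer size must be positive')`, after which the call is simply `c.recv(buffersize)`. The remaining handlers of that `try` lie outside these hunks, so how such an error is handled at this commit cannot be confirmed from here.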
@@ -36,7 +37,6 @@
 parser.add_argument('-c', help='command to execute after get the shell', dest='command', default=str())
 parser.add_argument('-w', help='timeout for shell connection', dest='secs', type=float, default=0)
 parser.add_argument('-q', help='quiet mode', dest='quiet', action='store_true')
-parser.add_argument('-b', help='buffer size (default:1024)', dest='buffer', default=1024)
 args = parser.parse_args()
@@ -45,7 +45,6 @@
 gene = args.gene
 cmd = args.command
 secs = args.secs
-buffersize = args.buffer
 try:
 port = int(format(args.port))
@@ -175,7 +174,10 @@ def main():
 try:
 c, addr = s.accept()
- resp = c.recv(int(buffersize)).decode()
+ resp = ""
+ while b:
+ b = c.recv(1024).decode()
+ resp += b
 except KeyboardInterrupt:
 if sys.platform == 'win32':
 print('\nControl-C')
From 864c5b91e14c6ec6d69011255d03f1a8a0235064 Mon Sep 17 00:00:00 2001
From: shiblisec
Date: Tue, 20 Dec 2022 20:13:38 +0530
Subject: [PATCH 3/3] Fixed the buffer size issue
---
 jsh.py | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/jsh.py b/jsh.py
index 0111d95..9ef78e6 100644
--- a/jsh.py
+++ b/jsh.py
@@ -175,16 +175,19 @@ def main():
 try:
 c, addr = s.accept()
 resp = ""
- while b:
+ while True:
 b = c.recv(1024).decode()
+ if not b:
+ break
 resp += b
 except KeyboardInterrupt:
 if sys.platform == 'win32':
 print('\nControl-C')
 exit()
- except:
+ except(e):
+ print(e)
 s.close()
- main()
+
 if 'Accept' in resp and 'HTTP' in resp:
 print('Got JS shell from [%s] port %s to %s %s' % (addr[0], addr[1], socket.gethostname(), port))
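Review bot: The receive loop added in patch 2/3 decodes each 1024-byte chunk on its own and keeps appending until the peer closes the socket, with no cap on `resp`; a multi-byte UTF-8 character split across two chunks raises `UnicodeDecodeError`, and any host that connects can hold the listener in this loop or grow `resp` without bound. The code after the `try` looks for `'Accept'` and `'HTTP'` in `resp`, so this appears to be an HTTP request, whose sender normally keeps the connection open while it waits for a reply, meaning a read to end-of-stream may never finish. Collecting raw bytes, stopping at the end of the request headers or at a size limit, and decoding once avoids all three problems. `while b:` also reads `b` before it is assigned, which patch 3/3 replaces. `main()` starts and ends outside the hunk, so any timeout already set on the socket is not visible here.

```python
c, addr = s.accept()
raw = b""
# 65536 is a constructed cap; choose the limit that fits the expected request size
while b"\r\n\r\n" not in raw and len(raw) < 65536:
    chunk = c.recv(1024)
    if not chunk:
        break
    raw += chunk
resp = raw.decode(errors="replace")
# … unchanged: except KeyboardInterrupt handler …
```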
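Review bot: `except(e):` in patch 3/3 does not bind the exception; it evaluates the undefined name `e` as the class to match, so any error other than `KeyboardInterrupt` raised in the `try` turns into a `NameError` from the handler itself and `s.close()` is never reached. With `main()` removed, a working handler would also fall through to the `if 'Accept' in resp` check and the `addr[0]` print, where `addr` is unbound if `s.accept()` was the call that failed. The handler should read `except Exception as e:` and end with `return` after `s.close()`. `main()` continues beyond the hunk, so whether the caller retries after that return cannot be seen from here.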