./pwncat -l 192.168.10.184 9999 --self-inject /bin/sh:192.168.10.184:10000 -vvvvv
2022-08-09 13:43:45,186 DEBUG [MainThread] 3396:__init__(): STDOUT isatty: True
2022-08-09 13:43:45,186 DEBUG [MainThread] 3397:__init__(): STDIN isatty: True
2022-08-09 13:43:45,186 DEBUG [MainThread] 3398:__init__(): STDIN posix: False (posix)
2022-08-09 13:43:45,186 DEBUG [MainThread] 1465:create_socket(): Creating (family 10/IPv6, TCP) socket
2022-08-09 13:43:45,186 DEBUG [MainThread] 1485:create_socket(): Disabling IPv4 support on IPv6 socket
2022-08-09 13:43:45,186 DEBUG [MainThread] 1465:create_socket(): Creating (family 2/IPv4, TCP) socket
2022-08-09 13:43:45,186 DEBUG [MainThread] 1414:gethostbyname(): Resolving IPv4 name not required, changing to IPv6: ::ffff:192.168.10.184
2022-08-09 13:43:45,186 DEBUG [MainThread] 1418:gethostbyname(): Resolving IPv4 host not required, already an IP: 192.168.10.184
2022-08-09 13:43:45,187 DEBUG [MainThread] 1517:bind(): Binding (family 10/IPv6, TCP) socket to ::ffff:192.168.10.184:9999
2022-08-09 13:43:45,187 DEBUG [MainThread] 1517:bind(): Binding (family 2/IPv4, TCP) socket to 192.168.10.184:9999
2022-08-09 13:43:45,187 DEBUG [MainThread] 2214:run_server(): Removing (family 10/IPv6) due to: Binding (family 10/IPv6, TCP) socket to ::ffff:192.168.10.184:9999 failed: [Errno 22] Invalid argument
2022-08-09 13:43:45,187 DEBUG [MainThread] 1545:listen(): Listening with backlog=0
2022-08-09 13:43:45,187 INFO [MainThread] 2247:run_server(): Listening on 192.168.10.184:9999 (family 2/IPv4, TCP)
2022-08-09 13:43:45,187 DEBUG [MainThread] 1574:accept(): Waiting for TCP client
2022-08-09 13:44:25,264 INFO [MainThread] 1591:accept(): Client connected from 192.168.10.254:5555 (family 2/IPv4, TCP)
[PWNCAT CnC] Checking if remote sends greeting...
2022-08-09 13:44:25,615 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.350531 sec in 1/5 rounds
2022-08-09 13:44:25,965 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.701250 sec in 2/5 rounds
2022-08-09 13:44:26,316 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.051963 sec in 3/5 rounds
2022-08-09 13:44:26,667 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.402650 sec in 4/5 rounds
2022-08-09 13:44:27,017 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.753344 sec in 5/5 rounds
[PWNCAT CnC] Checking if remote sends prefix/suffix to every request...
2022-08-09 13:44:27,018 DEBUG [MainThread] 1898:send(): Trying to send 15 bytes to 192.168.10.254:5555
2022-08-09 13:44:27,018 TRACE [MainThread] 1904:send(): Trying to send: b'echo "__pwn__"\n'
2022-08-09 13:44:27,018 DEBUG [MainThread] 1921:send(): Sent 15 bytes to 192.168.10.254:5555 (0 bytes remaining)
2022-08-09 13:44:27,368 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.350471 sec in 1/5 rounds
2022-08-09 13:44:27,719 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.701191 sec in 2/5 rounds
2022-08-09 13:44:28,070 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.051911 sec in 3/5 rounds
2022-08-09 13:44:28,420 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.402645 sec in 4/5 rounds
2022-08-09 13:44:28,771 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.753336 sec in 5/5 rounds
2022-08-09 13:44:28,771 DEBUG [MainThread] 4771:__set_remote_prefix(): Set suffix before: []
2022-08-09 13:44:28,771 DEBUG [MainThread] 4773:__set_remote_prefix(): Set suffix after: []
[PWNCAT CnC] Remote does not send prefix
[PWNCAT CnC] Remote does not send suffix
2022-08-09 13:44:28,772 DEBUG [MainThread] 4827:__set_remote_python_path(): Probing for: which python3
2022-08-09 13:44:28,772 DEBUG [MainThread] 1898:send(): Trying to send 26 bytes to 192.168.10.254:5555
2022-08-09 13:44:28,772 TRACE [MainThread] 1904:send(): Trying to send: b'which python3 2>/dev/null\n'
2022-08-09 13:44:28,772 DEBUG [MainThread] 1921:send(): Sent 26 bytes to 192.168.10.254:5555 (0 bytes remaining)
2022-08-09 13:44:29,122 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.350484 sec in 1/5 rounds
2022-08-09 13:44:29,473 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.701201 sec in 2/5 rounds
2022-08-09 13:44:29,824 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.051899 sec in 3/5 rounds
2022-08-09 13:44:30,175 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.402663 sec in 4/5 rounds
2022-08-09 13:44:30,525 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.753401 sec in 5/5 rounds
[PWNCAT CnC] Response:
2022-08-09 13:44:30,526 DEBUG [MainThread] 4827:__set_remote_python_path(): Probing for: which python
2022-08-09 13:44:30,526 DEBUG [MainThread] 1898:send(): Trying to send 25 bytes to 192.168.10.254:5555
2022-08-09 13:44:30,526 TRACE [MainThread] 1904:send(): Trying to send: b'which python 2>/dev/null\n'
2022-08-09 13:44:30,526 DEBUG [MainThread] 1921:send(): Sent 25 bytes to 192.168.10.254:5555 (0 bytes remaining)
2022-08-09 13:44:30,877 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.350487 sec in 1/5 rounds
2022-08-09 13:44:31,228 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.701441 sec in 2/5 rounds
2022-08-09 13:44:31,579 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.052403 sec in 3/5 rounds
2022-08-09 13:44:31,930 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.403363 sec in 4/5 rounds
2022-08-09 13:44:32,281 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.754384 sec in 5/5 rounds
[PWNCAT CnC] Response:
2022-08-09 13:44:32,282 DEBUG [MainThread] 4827:__set_remote_python_path(): Probing for: which python2
2022-08-09 13:44:32,282 DEBUG [MainThread] 1898:send(): Trying to send 26 bytes to 192.168.10.254:5555
2022-08-09 13:44:32,283 TRACE [MainThread] 1904:send(): Trying to send: b'which python2 2>/dev/null\n'
2022-08-09 13:44:32,283 DEBUG [MainThread] 1921:send(): Sent 26 bytes to 192.168.10.254:5555 (0 bytes remaining)
2022-08-09 13:44:32,634 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.350500 sec in 1/5 rounds
2022-08-09 13:44:32,985 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.701460 sec in 2/5 rounds
2022-08-09 13:44:33,336 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.052369 sec in 3/5 rounds
2022-08-09 13:44:33,687 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.403336 sec in 4/5 rounds
2022-08-09 13:44:34,038 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.754300 sec in 5/5 rounds
[PWNCAT CnC] Response:
2022-08-09 13:44:34,038 DEBUG [MainThread] 4827:__set_remote_python_path(): Probing for: which python2.7
2022-08-09 13:44:34,038 DEBUG [MainThread] 1898:send(): Trying to send 28 bytes to 192.168.10.254:5555
2022-08-09 13:44:34,039 TRACE [MainThread] 1904:send(): Trying to send: b'which python2.7 2>/dev/null\n'
2022-08-09 13:44:34,039 DEBUG [MainThread] 1921:send(): Sent 28 bytes to 192.168.10.254:5555 (0 bytes remaining)
2022-08-09 13:44:34,390 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.350504 sec in 1/5 rounds
2022-08-09 13:44:34,741 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.701578 sec in 2/5 rounds
2022-08-09 13:44:35,092 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.052568 sec in 3/5 rounds
2022-08-09 13:44:35,443 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.403498 sec in 4/5 rounds
2022-08-09 13:44:35,794 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.754471 sec in 5/5 rounds
[PWNCAT CnC] Response:
2022-08-09 13:44:35,794 DEBUG [MainThread] 4827:__set_remote_python_path(): Probing for: which python3.5
2022-08-09 13:44:35,794 DEBUG [MainThread] 1898:send(): Trying to send 28 bytes to 192.168.10.254:5555
2022-08-09 13:44:35,795 TRACE [MainThread] 1904:send(): Trying to send: b'which python3.5 2>/dev/null\n'
2022-08-09 13:44:35,795 DEBUG [MainThread] 1921:send(): Sent 28 bytes to 192.168.10.254:5555 (0 bytes remaining)
2022-08-09 13:44:36,145 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.350499 sec in 1/5 rounds
2022-08-09 13:44:36,496 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.701473 sec in 2/5 rounds
2022-08-09 13:44:36,847 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.052447 sec in 3/5 rounds
2022-08-09 13:44:37,198 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.403437 sec in 4/5 rounds
2022-08-09 13:44:37,549 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.754413 sec in 5/5 rounds
[PWNCAT CnC] Response:
2022-08-09 13:44:37,550 DEBUG [MainThread] 4827:__set_remote_python_path(): Probing for: which python3.6
2022-08-09 13:44:37,550 DEBUG [MainThread] 1898:send(): Trying to send 28 bytes to 192.168.10.254:5555
2022-08-09 13:44:37,550 TRACE [MainThread] 1904:send(): Trying to send: b'which python3.6 2>/dev/null\n'
2022-08-09 13:44:37,550 DEBUG [MainThread] 1921:send(): Sent 28 bytes to 192.168.10.254:5555 (0 bytes remaining)
2022-08-09 13:44:37,901 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.350496 sec in 1/5 rounds
2022-08-09 13:44:38,252 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.701492 sec in 2/5 rounds
2022-08-09 13:44:38,603 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.052461 sec in 3/5 rounds
2022-08-09 13:44:38,954 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.403419 sec in 4/5 rounds
2022-08-09 13:44:39,305 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.754393 sec in 5/5 rounds
[PWNCAT CnC] Response:
2022-08-09 13:44:39,306 DEBUG [MainThread] 4827:__set_remote_python_path(): Probing for: which python3.7
2022-08-09 13:44:39,306 DEBUG [MainThread] 1898:send(): Trying to send 28 bytes to 192.168.10.254:5555
2022-08-09 13:44:39,306 TRACE [MainThread] 1904:send(): Trying to send: b'which python3.7 2>/dev/null\n'
2022-08-09 13:44:39,306 DEBUG [MainThread] 1921:send(): Sent 28 bytes to 192.168.10.254:5555 (0 bytes remaining)
2022-08-09 13:44:39,657 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.350509 sec in 1/5 rounds
2022-08-09 13:44:40,008 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.701510 sec in 2/5 rounds
2022-08-09 13:44:40,359 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.052515 sec in 3/5 rounds
2022-08-09 13:44:40,710 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.403461 sec in 4/5 rounds
2022-08-09 13:44:41,061 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.754383 sec in 5/5 rounds
[PWNCAT CnC] Response:
2022-08-09 13:44:41,061 DEBUG [MainThread] 4827:__set_remote_python_path(): Probing for: which python3.8
2022-08-09 13:44:41,061 DEBUG [MainThread] 1898:send(): Trying to send 28 bytes to 192.168.10.254:5555
2022-08-09 13:44:41,062 TRACE [MainThread] 1904:send(): Trying to send: b'which python3.8 2>/dev/null\n'
2022-08-09 13:44:41,062 DEBUG [MainThread] 1921:send(): Sent 28 bytes to 192.168.10.254:5555 (0 bytes remaining)
2022-08-09 13:44:41,413 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.350526 sec in 1/5 rounds
2022-08-09 13:44:41,764 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.701422 sec in 2/5 rounds
2022-08-09 13:44:42,115 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.052393 sec in 3/5 rounds
2022-08-09 13:44:42,465 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.403347 sec in 4/5 rounds
2022-08-09 13:44:42,816 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.754319 sec in 5/5 rounds
[PWNCAT CnC] Response:
[PWNCAT CnC] Probing for: /usr/bin/python3
2022-08-09 13:44:42,817 DEBUG [MainThread] 1898:send(): Trying to send 58 bytes to 192.168.10.254:5555
2022-08-09 13:44:42,818 TRACE [MainThread] 1904:send(): Trying to send: b'test -f /usr/bin/python3 && echo /usr/bin/python3 || echo\n'
2022-08-09 13:44:42,818 DEBUG [MainThread] 1921:send(): Sent 58 bytes to 192.168.10.254:5555 (0 bytes remaining)
2022-08-09 13:44:43,169 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.350547 sec in 1/5 rounds
2022-08-09 13:44:43,520 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.701487 sec in 2/5 rounds
2022-08-09 13:44:43,871 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.052430 sec in 3/5 rounds
2022-08-09 13:44:44,222 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.403409 sec in 4/5 rounds
2022-08-09 13:44:44,573 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.754423 sec in 5/5 rounds
[...]
[PWNCAT CnC] Probing for: /opt/python3.8/bin/python3.8
2022-08-09 13:49:21,820 DEBUG [MainThread] 1898:send(): Trying to send 82 bytes to 192.168.10.254:5555
2022-08-09 13:49:21,820 TRACE [MainThread] 1904:send(): Trying to send: b'test -f /opt/python3.8/bin/python3.8 && echo /opt/python3.8/bin/python3.8 || echo\n'
2022-08-09 13:49:21,820 DEBUG [MainThread] 1921:send(): Sent 82 bytes to 192.168.10.254:5555 (0 bytes remaining)
2022-08-09 13:49:22,171 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.350498 sec in 1/5 rounds
2022-08-09 13:49:22,522 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 0.701218 sec in 2/5 rounds
2022-08-09 13:49:22,872 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.051955 sec in 3/5 rounds
2022-08-09 13:49:23,223 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.402681 sec in 4/5 rounds
2022-08-09 13:49:23,574 TRACE [MainThread] 4481:send_recv(): Timeout: Receive timed out after 1.753400 sec in 5/5 rounds
[PWNCAT CnC] No Python has been found. Aborting and handing over to current shell.
2022-08-09 13:49:23,575 TRACE [RECV] 4014:run_action(): [RECV] Producer Start
2022-08-09 13:49:23,575 TRACE [STDIN] 4014:run_action(): [STDIN] Producer Start
2022-08-09 13:51:35,682 DEBUG [RECV] 2032:receive(): Received 19 bytes from 192.168.10.254:5555
2022-08-09 13:51:35,682 TRACE [RECV] 2038:receive(): Received: b'string from client\n'
2022-08-09 13:51:35,682 TRACE [RECV] 4016:run_action(): [RECV] Producer received: b'string from client\n'
string from client
STRING FROM SERVER
2022-08-09 13:51:49,136 DEBUG [STDIN] 3435:producer(): Received 19 bytes from STDIN
2022-08-09 13:51:49,136 TRACE [STDIN] 3436:producer(): Received: b'STRING FROM SERVER\n'
2022-08-09 13:51:49,136 TRACE [STDIN] 4016:run_action(): [STDIN] Producer received: b'STRING FROM SERVER\n'
2022-08-09 13:51:49,136 DEBUG [STDIN] 1898:send(): Trying to send 19 bytes to 192.168.10.254:5555
2022-08-09 13:51:49,136 TRACE [STDIN] 1904:send(): Trying to send: b'STRING FROM SERVER\n'
2022-08-09 13:51:49,136 DEBUG [STDIN] 1921:send(): Sent 19 bytes to 192.168.10.254:5555 (0 bytes remaining)
./pwncat --source-port 5555 --source-addr 192.168.10.254 192.168.10.184 9999 -vvvvv
2022-08-09 13:44:25,266 DEBUG [MainThread] 3396:__init__(): STDOUT isatty: True
2022-08-09 13:44:25,266 DEBUG [MainThread] 3397:__init__(): STDIN isatty: True
2022-08-09 13:44:25,266 DEBUG [MainThread] 3398:__init__(): STDIN posix: False (posix)
2022-08-09 13:44:25,266 DEBUG [MainThread] 1465:create_socket(): Creating (family 10/IPv6, TCP) socket
2022-08-09 13:44:25,266 DEBUG [MainThread] 1485:create_socket(): Disabling IPv4 support on IPv6 socket
2022-08-09 13:44:25,266 DEBUG [MainThread] 1465:create_socket(): Creating (family 2/IPv4, TCP) socket
2022-08-09 13:44:25,267 DEBUG [MainThread] 1414:gethostbyname(): Resolving IPv4 name not required, changing to IPv6: ::ffff:192.168.10.184
2022-08-09 13:44:25,267 DEBUG [MainThread] 1418:gethostbyname(): Resolving IPv4 host not required, already an IP: 192.168.10.184
2022-08-09 13:44:25,267 DEBUG [MainThread] 1636:connect(): Binding specifically to 192.168.10.254:5555
2022-08-09 13:44:25,267 DEBUG [MainThread] 1517:bind(): Binding (family 10/IPv6, TCP) socket to 192.168.10.254:5555
2022-08-09 13:44:25,267 DEBUG [MainThread] 1636:connect(): Binding specifically to 192.168.10.254:5555
2022-08-09 13:44:25,267 DEBUG [MainThread] 1517:bind(): Binding (family 2/IPv4, TCP) socket to 192.168.10.254:5555
2022-08-09 13:44:25,267 DEBUG [MainThread] 1641:connect(): Connecting to 192.168.10.184:9999 (family 2/IPv4, TCP)
2022-08-09 13:44:25,268 DEBUG [MainThread] 1690:connect(): Connected from 192.168.10.254:5555
2022-08-09 13:44:25,269 INFO [MainThread] 1695:connect(): Connected to 192.168.10.184:9999 (family 2/IPv4, TCP)
2022-08-09 13:44:25,269 TRACE [RECV] 4014:run_action(): [RECV] Producer Start
2022-08-09 13:44:25,269 TRACE [STDIN] 4014:run_action(): [STDIN] Producer Start
2022-08-09 13:44:27,023 DEBUG [RECV] 2032:receive(): Received 15 bytes from 192.168.10.184:9999
2022-08-09 13:44:27,023 TRACE [RECV] 2038:receive(): Received: b'echo "__pwn__"\n'
2022-08-09 13:44:27,023 TRACE [RECV] 4016:run_action(): [RECV] Producer received: b'echo "__pwn__"\n'
echo "__pwn__"
2022-08-09 13:44:28,777 DEBUG [RECV] 2032:receive(): Received 26 bytes from 192.168.10.184:9999
2022-08-09 13:44:28,777 TRACE [RECV] 2038:receive(): Received: b'which python3 2>/dev/null\n'
2022-08-09 13:44:28,777 TRACE [RECV] 4016:run_action(): [RECV] Producer received: b'which python3 2>/dev/null\n'
which python3 2>/dev/null
2022-08-09 13:44:30,532 DEBUG [RECV] 2032:receive(): Received 25 bytes from 192.168.10.184:9999
2022-08-09 13:44:30,532 TRACE [RECV] 2038:receive(): Received: b'which python 2>/dev/null\n'
2022-08-09 13:44:30,532 TRACE [RECV] 4016:run_action(): [RECV] Producer received: b'which python 2>/dev/null\n'
which python 2>/dev/null
2022-08-09 13:44:32,288 DEBUG [RECV] 2032:receive(): Received 26 bytes from 192.168.10.184:9999
2022-08-09 13:44:32,288 TRACE [RECV] 2038:receive(): Received: b'which python2 2>/dev/null\n'
2022-08-09 13:44:32,289 TRACE [RECV] 4016:run_action(): [RECV] Producer received: b'which python2 2>/dev/null\n'
which python2 2>/dev/null
2022-08-09 13:44:34,044 DEBUG [RECV] 2032:receive(): Received 28 bytes from 192.168.10.184:9999
2022-08-09 13:44:34,044 TRACE [RECV] 2038:receive(): Received: b'which python2.7 2>/dev/null\n'
2022-08-09 13:44:34,044 TRACE [RECV] 4016:run_action(): [RECV] Producer received: b'which python2.7 2>/dev/null\n'
which python2.7 2>/dev/null
2022-08-09 13:44:35,800 DEBUG [RECV] 2032:receive(): Received 28 bytes from 192.168.10.184:9999
2022-08-09 13:44:35,800 TRACE [RECV] 2038:receive(): Received: b'which python3.5 2>/dev/null\n'
2022-08-09 13:44:35,800 TRACE [RECV] 4016:run_action(): [RECV] Producer received: b'which python3.5 2>/dev/null\n'
which python3.5 2>/dev/null
2022-08-09 13:44:37,556 DEBUG [RECV] 2032:receive(): Received 28 bytes from 192.168.10.184:9999
2022-08-09 13:44:37,556 TRACE [RECV] 2038:receive(): Received: b'which python3.6 2>/dev/null\n'
2022-08-09 13:44:37,556 TRACE [RECV] 4016:run_action(): [RECV] Producer received: b'which python3.6 2>/dev/null\n'
which python3.6 2>/dev/null
2022-08-09 13:44:39,311 DEBUG [RECV] 2032:receive(): Received 28 bytes from 192.168.10.184:9999
2022-08-09 13:44:39,312 TRACE [RECV] 2038:receive(): Received: b'which python3.7 2>/dev/null\n'
2022-08-09 13:44:39,312 TRACE [RECV] 4016:run_action(): [RECV] Producer received: b'which python3.7 2>/dev/null\n'
which python3.7 2>/dev/null
2022-08-09 13:44:41,067 DEBUG [RECV] 2032:receive(): Received 28 bytes from 192.168.10.184:9999
2022-08-09 13:44:41,067 TRACE [RECV] 2038:receive(): Received: b'which python3.8 2>/dev/null\n'
2022-08-09 13:44:41,068 TRACE [RECV] 4016:run_action(): [RECV] Producer received: b'which python3.8 2>/dev/null\n'
which python3.8 2>/dev/null
2022-08-09 13:44:42,823 DEBUG [RECV] 2032:receive(): Received 58 bytes from 192.168.10.184:9999
2022-08-09 13:44:42,823 TRACE [RECV] 2038:receive(): Received: b'test -f /usr/bin/python3 && echo /usr/bin/python3 || echo\n'
2022-08-09 13:44:42,823 TRACE [RECV] 4016:run_action(): [RECV] Producer received: b'test -f /usr/bin/python3 && echo /usr/bin/python3 || echo\n'
test -f /usr/bin/python3 && echo /usr/bin/python3 || echo
2022-08-09 13:44:44,579 DEBUG [RECV] 2032:receive(): Received 56 bytes from 192.168.10.184:9999
2022-08-09 13:44:44,579 TRACE [RECV] 2038:receive(): Received: b'test -f /usr/bin/python && echo /usr/bin/python || echo\n'
2022-08-09 13:44:44,579 TRACE [RECV] 4016:run_action(): [RECV] Producer received: b'test -f /usr/bin/python && echo /usr/bin/python || echo\n'
[...]
2022-08-09 13:49:21,826 DEBUG [RECV] 2032:receive(): Received 82 bytes from 192.168.10.184:9999
2022-08-09 13:49:21,826 TRACE [RECV] 2038:receive(): Received: b'test -f /opt/python3.8/bin/python3.8 && echo /opt/python3.8/bin/python3.8 || echo\n'
2022-08-09 13:49:21,826 TRACE [RECV] 4016:run_action(): [RECV] Producer received: b'test -f /opt/python3.8/bin/python3.8 && echo /opt/python3.8/bin/python3.8 || echo\n'
test -f /opt/python3.8/bin/python3.8 && echo /opt/python3.8/bin/python3.8 || echo
string from client
2022-08-09 13:51:35,685 DEBUG [STDIN] 3435:producer(): Received 19 bytes from STDIN
2022-08-09 13:51:35,685 TRACE [STDIN] 3436:producer(): Received: b'string from client\n'
2022-08-09 13:51:35,686 TRACE [STDIN] 4016:run_action(): [STDIN] Producer received: b'string from client\n'
2022-08-09 13:51:35,686 DEBUG [STDIN] 1898:send(): Trying to send 19 bytes to 192.168.10.184:9999
2022-08-09 13:51:35,686 TRACE [STDIN] 1904:send(): Trying to send: b'string from client\n'
2022-08-09 13:51:35,686 DEBUG [STDIN] 1921:send(): Sent 19 bytes to 192.168.10.184:9999 (0 bytes remaining)
2022-08-09 13:51:49,141 DEBUG [RECV] 2032:receive(): Received 19 bytes from 192.168.10.184:9999
2022-08-09 13:51:49,142 TRACE [RECV] 2038:receive(): Received: b'STRING FROM SERVER\n'
2022-08-09 13:51:49,142 TRACE [RECV] 4016:run_action(): [RECV] Producer received: b'STRING FROM SERVER\n'
STRING FROM SERVER
After iterating through all combinations, pwncat dumps to existing shell (which still echoes content back and forth) because it cannot find python; however, python is definitely installed and this bug persists across linux distros. I'm pretty sure there's something wrong with the client returning remote_command output because the only packets from client to server had null payloads.