Windows ConPTY issues

[opensesamedoors]

[jm33-m0]

You reported this in #199, is this still an issue in the latest release?

[jm33-m0]

/dev/shm/ is no longer used since this commit.

emp3r0r/core/lib/agent/sshd_linux.go

Line 44 in 6f838fc

new_exe := fmt.Sprintf("%s/.%s", RuntimeConfig.UtilsPath, util.RandStr(22))

According to your screenshot you are not using the latest version. Can you try with the latest version and see if it works? I did a quick test and no bugs were found.

Which IDE do you use to debug the tmux GUI,now I just use function PRINTF

I don't use an IDE, I'm a vim user. And I believe this bug is already fixed, the root cause of this issue is the self deletion feature and it has been addressed.

[opensesamedoors]

Sorry,it works on ubuntu but still reports error on windows.

[jm33-m0]

I can confirm this for Windows platform, thanks for reporting. I will push a fix soon.

[jm33-m0]

This is weird enough, looks like conhost.exe is invisible to agent process, with or without admin privilege.

SSH shell session fails because currently I use conhost.exe to invoke the shells.

[jm33-m0]

Further testing shows that conhost.exe is missing for 32 bit agent, if you build it with amd64 option it will pop up shell just fine.

And currently ConPTY buffer size can't be auto resized correctly, the shell is barely usable.

[jm33-m0]

Thanks, I will try to implement this solution in future releases.

[jm33-m0]

• Fix shell for 32bit Windows program
• Support non-ConPTY shells
• Fix auto-resizing for Windows ConPTY shell

Matching the console buffer size between C2 and agent side is quite tricky for Windows. There's a mode.com utility that works like stty under Linux, but running it can only change the console buffer of the calling process, and the shell process is a child process thus unaffected.

The ideal way is to execute mode /con:cols=x lines=y command in the shell in real time. Currently the solution I can think of is to implement a go routine that runs in background (along with the elvsh shell, so they live in the same process) and reads buffer size from a environment variable (WIDTH=x) then resizes its console buffer (with mode.com or term package from Go).

[jm33-m0]

@opensesamedoors Now interactive shell support for both 32bit and 64bit Windows should be working, you should have the same experience as on Linux hosts. I believe this feature supports Windows versions as old as Windows 7 (as stated by winpty.