Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing format string in attack_take_screenshot.py #83

Closed
1ncludeSteven opened this issue Sep 23, 2024 · 1 comment · Fixed by #84
Closed

Missing format string in attack_take_screenshot.py #83

1ncludeSteven opened this issue Sep 23, 2024 · 1 comment · Fixed by #84
Assignees
@Maspital
Labels
bug Something isn't working

Comments

@1ncludeSteven
Copy link

Describe the bug
When running fkie-cad/socbed/src/attacks/attack_take_screenshot.py, a bug will occur because of missing format string in following lines:

def _collect_files(self):
        file = self.screenshot_file
        # !!!!!! we should use f"screenshot -p {file}" rather than "screenshot -p {file}"
        self.ssh_client.write_lines(self.handler.stdin, ["screenshot -p {file}",
                                                         "background"])

To Reproduce
use attackconsole, run c2_take_screenshot after running infect_email_exe

Expected behavior
image

Current behavior
A screenshot should be store in /root/screenshot.jpeg rather then saved in /root/{file}
image
@1ncludeSteven 1ncludeSteven added the bug Something isn't working label Sep 23, 2024
@Maspital Maspital self-assigned this Sep 24, 2024
@Maspital Maspital mentioned this issue Sep 25, 2024
Merged
@Maspital
Copy link
Collaborator

Maspital commented Sep 25, 2024
edited
Loading

Thanks for the heads up :) my first thought was "why wasn't that caught by some unit tests" - turned out there are none for this specific attack.

Edit: Will be merged into main after pipeline https://github.com/fkie-cad/socbed/actions/runs/11029166801 completes

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Maspital Maspital

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add missing format string and unit tests fkie-cad/socbed
2 participants
@Maspital @1ncludeSteven