Hi everybody, today I’ll talk about the pseudo-tty idea I had and why I decided to stop the development of that module.
ReGeorg is a module that can be applied to multiple languages; it is made so that you can proxy a TCP connection through a script. In PHP, for example, it wraps the connection data sent through a special header and gets the answer back using a special Python client.
How to get a pseudo-tty
Since you’re able to create a TCP connection on the machine, we can imagine a scenario where you listen locally on a port (binding on 127.0.0.1, for example), create a tunnel using ReGeorg, then connect to it with the Python client ReGeorg provides.
The scenario is pretty straightforward, and it would solve all of the problems I had earlier.
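A defender-side view of the scenario above, as an added example that is not from the original post or from the ReGeorg project: it scans web access logs for the tunnel's request pattern and flags sessions whose connect target is a loopback address. The `cmd`, `target` and `port` query parameters are assumed from the public ReGeorg client's defaults, and the log lines are constructed.

```python
import re
from collections import defaultdict
from ipaddress import ip_address
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "POST /up/t.php?cmd=connect&target=127.0.0.1&port=4444 HTTP/1.1" 200 0
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "POST /up/t.php?cmd=read HTTP/1.1" 200 52
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "POST /up/t.php?cmd=forward HTTP/1.1" 200 0
203.0.113.7 - - [01/Jan/2024:10:00:02 +0000] "POST /up/t.php?cmd=read HTTP/1.1" 200 310
198.51.100.9 - - [01/Jan/2024:10:00:03 +0000] "GET /search.php?cmd=read HTTP/1.1" 200 901
198.51.100.20 - - [01/Jan/2024:10:00:04 +0000] "POST /api.php?cmd=connect&target=10.0.0.5&port=22 HTTP/1.1" 200 0
"""

LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
# Assumption: command names used by the public ReGeorg client in the query string.
TUNNEL_CMDS = {"connect", "read", "forward", "disconnect"}

def is_loopback(host):
    """True for 'localhost' or any address in a loopback range."""
    if host.lower() == "localhost":
        return True
    try:
        return ip_address(host).is_loopback
    except ValueError:
        return False  # hostname we cannot classify without DNS

def find_tunnels(log_text):
    """Return {(client, path): summary} for sessions that opened a tunnel."""
    sessions = defaultdict(lambda: {"targets": [], "polls": 0, "loopback": False})
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m or m.group(2) != "POST":  # the tunnel client only POSTs
            continue
        client, _, uri, _ = m.groups()
        url = urlsplit(uri)
        q = parse_qs(url.query)
        cmd = q.get("cmd", [""])[0].lower()
        if cmd not in TUNNEL_CMDS:
            continue
        s = sessions[(client, url.path)]
        if cmd == "connect" and "target" in q and "port" in q:
            s["targets"].append((q["target"][0], q["port"][0]))
            s["loopback"] |= is_loopback(q["target"][0])
        elif cmd in ("read", "forward"):
            s["polls"] += 1  # steady read/forward polling marks an active tunnel
    # Keep only sessions that actually issued a connect with target and port.
    return {k: v for k, v in sessions.items() if v["targets"]}
```

A session with `loopback` set and a high `polls` count on a script under an upload directory is the one to triage first.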
Why I might still take the project back
There are still some applications where a covert channel using files could be useful. We can imagine the case where you’re able to send a file and recover files on the filesystem but not get a full shell in a web language.