Fixing TTYs with script - For when there's no python/3

After catching a reverse shell in CTF-style challenges with nc, you generally need to fix the TTY (In short - How the terminal works). Without fixing it, you have numerous problems - The most obvious being that command-line programs cannot accept inputs on a different line - So no typing in a password for sudo. Obviously a major issue!

The most common method I use is with python, or python3 - Depending on how old the system is. The syntax for this is:

python -c "import pty; pty.spawn('/bin/bash');"

Or simply adding a 3 for python3:

python3 -c "import pty; pty.spawn('/bin/bash');"

Most boxes generally have one or the other, so you're set from there. The issue comes when you get a shell inside a container that lacks python. I recently came across this scenario and discovered script.

script is - To quote from the man pages:

script makes a typescript of everything on your terminal session.

In short - It saves everything in your session to a log file. It turns out, if you use a few parameters, you can use it to fix your TTY (Or more specifically - Silently redirect running output to bash whilst setting the log file to /dev/null) - Or - In code form:

script -qc bash /dev/null

 

In the following screenshot I realize that there's no python or python3, realize script and bash exists, and use script to run bash to get a fixed TTY inside a container.

Enabling case sensitivity in Windows Folders

I recently discovered that - By default - The Windows Filesystem is case insensitive.

 This is easily testable.

Folders

Files

If you require case sensitivity to be enabled in a specific folder, you can run:

fsutil file setCaseSensitiveInfo C:\Reelix\CaseTest enable

You will get informed that it has been enabled.

C:\Reelix\CaseTest>fsutil file setCaseSensitiveInfo C:\Reelix\CaseTest enable
Case sensitive attribute on directory C:\Reelix\CaseTest is enabled.

You can then test the results.

Possible issues

If you get Error: The request is not supported. run

powershell Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux

And reboot.

If you get Error: Access is denied. then use an administrative terminal.

Enjoy!

John - Fixing "No OpenCL devices found" for fast GPU cracking

If anyone has tried to do password cracking, they might realize that they generally have 2 options:

1.) Hashcat - Small Range of Hash Formats - Fast Cracking (GPU)
2.) John The Ripper - Large Range of Hash Formats - Slow Cracking (CPU)

What many people don't know is that John can actually do GPU cracking in some instances!

When cracking a hash with John, many people have probably seen something similar to the following recommending the OpenCL variation

Warning: detected hash type "sometype", but the string is also recognized as "sometype-opencl"

But have simply glossed over it, since attempting to use --format:sometype-opencl has simply resulted in a No OpenCL devices found error, and the hash cracks fine (Albeit slowly using only the CPU)

This bug has existed for a long time - This is how to solve it, and get super-fast GPU cracking on John!

1.) In your John folder, open up etc\OpenCL\vendors\nvidia.icd in a text editor

2.) You will see something like c:\Windows\System32\nvopencl.dll

3.) Go to C:\Windows\System32\, and search for nvopencl64.dll - In my case, it was hidden inside a DriverStore folder

4.) Copy the path of it (If you have multiple, simply use the first one), and place the full path inside Johns nvidia.icd, replacing what's already there

5.) Save, and re-run john with the --format:whatever-opencl

Enjoy your fast GPU cracking :)