Hello, just found this tool last night and it looks amazing. Just starting to play around with it this evening and I have a great reverse shell (multiple shells with the maintain function) and I have tried to upload files unsuccessfully multiple times.

Here's what one session looks like when trying to use the run upload_privesc_scripts command

The session gets disconnected and then says the upload was successful and then tells you there there are no sessions.

Here's another time when I tried to upload the linpeas.sh script from my system to the remote machine and the session was disconnected again but I had enabled the maintain function and a new shell was spawned. None of the file are visible on the remote system. I have validated that I can write files to the location that I am trying to upload to

I was able to do a download. I downloaded the entire /etc/ directory without any issue.

The system is running CentOS release 5.6 (Final) Linux version 2.6.18-238.12.1.el5 ([email protected]) (gcc version 4.1.2 20080704 (Red Hat 4.1.2-50)) #1 SMP Tue May 31 13:23:01 EDT 2011

Great tool even without the upload, but I will definitely have an even bigger ear to ear grin if I can get the upload working.

Thanks for an excellent tool!

Hi,

First of all, this tool is amazing. Right now i facing weird issue is that the console just simply messed up after receiving more than 2 connection.

I attached screenshot to visually describe the issue

thank you!

The shell command "script /dev/null" (and some variations) work without spawning a Python process to launch a PTY shell.

I'd recommend doing this before trying to do the better known Python method, as it is more reliable.

Hi When I am trying to connect to the shell through Linux ubuntu 5.11.0-34-generic (using fish shell), it is writing to me: "Invalid shell from"

It would be awesome if you added deepce (Docker enumeration ) , PrivescCheck (Fancy script)

options.recon_scripts = {
'Unix':[
	'https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh',
	'https://raw.githubusercontent.com/diego-treitos/linux-smart-enumeration/master/lse.sh',
	'https://raw.githubusercontent.com/stealthcopter/deepce/main/deepce.sh'
],
'Windows':[
	'https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PowerUp/PowerUp.ps1',
	'https://raw.githubusercontent.com/itm4n/PrivescCheck/master/PrivescCheck.ps1'
]}

I'm glad to see the creation of this tool,During my use, I came up with a new idea: Can I connect to the current penelope console at another terminal by running the same command again? This makes it easy for me to connect and manage multiple sessions at the same time

Hello,

I'm working on a very old version of Red Hat (Linux tophat.acme.com 2.4.20-8 #1 Thu Mar 13 17:54:28 EST 2003 i686 athlon i386 GNU/Linux) and I noticed this when using penelope and trying to clear the screen it would not work and you would get an error about unknown terminal xterm-256color

Trying to clear the terminal

Environment

Setting the TERM variable to TERM=xterm

The clear command works now

Not a huge deal by any means, not sure if you were aware or had experienced this or not and not sure if you can check for something like this and set the TERM variable to a standard xterm if xterm-256color is not possible.

Thanks for the great tool! I'm loving using it and cannot wait to, hopefully, see some updates in the not too distant future (Windows multiple sessions , etc. ;-) )

I loved your script I have a question can you do some type of stuff like if its windows shell instead of aborting the shell it starts the shell with non tty mode

Hello, I'm about to pull down v0.9.2 and was wondering if you could elaborate on what these two statements translate to.

• Removed Unix 'advanced' shell support
• Removed PTY Windows shell support temporarily

I'm particularly interested in the Windows shell support. Does this mean that using v0.9.2 of penelope no longer supports any Windows reverse shells, or no longer supports some subset of Windows reverse shells?

What does the removal of Unix 'advanced' shell support mean as far as reduced functionality?

Thanks again for an excellent tool!! Very glad to see some development updates.

Hi, great work with penelope! My target machine is windows client, so it is not possible to upgrade shell to PTY. When I try do download a file / folder it does not show up "download sucsseful" and the file is not stored on the penelope location it should be. So, is it because the shell is not PTY? Isn t it possible to download files with the simple shell? And, if it isn t, Is there any command to see contents of files on targest system, instead of downloading them? Thanks