llamasoft / Polyshell

A Bash/Batch/PowerShell polyglot!

PolyShell: a Bash/Batch/PowerShell polyglot

What It Is

PolyShell is a script that's simultaneously valid in Bash, Windows Batch, and PowerShell (i.e. a polyglot).

This makes PolyShell a useful template for penetration testing as it can be executed on most systems without the need for target-specific payloads. PolyShell is also specifically designed to be deliverable via input injection using a USB Rubber Ducky, MalDuino, or similar device.

[Demos: Batch, PowerShell, Unix shell]

How To Use It

As a stand-alone script

  1. Copy/rename the script so it has the correct file extension (.sh, .bat, or .ps1).
  2. Run the script with a Unix shell, as a batch file, or with PowerShell.

Using input injection

  1. Open a terminal on the target machine.
  2. Run the payload.
  3. Press Ctrl-C, then run exit.

The input injection method behaves slightly differently from the script method. When run as a script, the payload exits immediately once a language has been processed. When delivered via injection, the payload runs a read loop instead. Without it, the payload would close the terminal window but continue typing into an unknown window instead. The Ctrl-C breaks the script out of the read loop, allowing it to run without unintended side-effects.

Additionally, pasting the script into a terminal might fail. Once the script reaches the read loop, some terminals will treat the remaining pasted text as the read loop's input (good), but others may continue executing the script when the read loop exits (bad).

How It Works

The main trick is to get each other language to "look away" when we want to run code specific to only one of them. This is accomplished by exploiting language quirks surrounding quoting, redirection, and comments.
Consider the following line:

echo \" <<'BATCH_SCRIPT' >/dev/null ">NUL "\" \`" <#"

Each language sees the echo command, but will interpret the rest of the line differently.
For example, this is what each language will interpret as a string:

      echo \" <<'BATCH_SCRIPT' >/dev/null ">NUL "\" \`" <#"
Bash                                      [-----]     [---]
Batch       [-----------------------------]     [-]   [---]
PS          [-----------------------------]     [-]

After executing the line, the Bash script will be in a here document, the PowerShell script will be in a multi-line comment, and the batch script will continue executing normally. After each language is done executing, we terminate it. This prevents us from needing to work around its quirks later in the script.
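The string spans in the diagram above can be reproduced with a small quoting model. This is an added example, not code from the PolyShell project: it implements only the escape-character, quoting and `<#` rules this README lists, and the names `RULES`, `string_spans` and `diagram` are hypothetical. It is handy when reviewing a script to see which interpreter treats a region as data.

```python
# Simplified quoting model built only from the rules in this README; it is not
# a full parser for any of the three shells. All names are hypothetical.
LINE = r'''echo \" <<'BATCH_SCRIPT' >/dev/null ">NUL "\" \`" <#"'''

RULES = {
    # language: (escape char, escapes honoured inside "...", '...' is literal)
    "Bash":  ("\\", True,  True),
    "Batch": ("^",  False, False),
    "PS":    ("`",  True,  True),
}

def string_spans(line, lang):
    """Return inclusive (start, end) index pairs of the double-quoted strings."""
    esc, esc_in_string, single_quotes = RULES[lang]
    spans, i, n = [], 0, len(line)
    while i < n:
        ch = line[i]
        if ch == esc:                       # escaped character outside a string
            i += 2
        elif ch == "'" and single_quotes:   # skip a literal '...' region
            end = line.find("'", i + 1)
            i = n if end < 0 else end + 1
        elif (lang == "PS" and line.startswith("<#", i)
              and (i == 0 or line[i - 1].isspace())):
            break                           # multi-line comment opens here
        elif ch == '"':
            j = i + 1
            while j < n and line[j] != '"':
                j += 2 if (esc_in_string and line[j] == esc) else 1
            spans.append((i, min(j, n - 1)))
            i = j + 1
        else:
            i += 1
    return spans

def diagram(line):
    """Render the same layout as the README's diagram."""
    rows = [" " * 6 + line]
    for lang in RULES:
        marks = [" "] * len(line)
        for a, b in string_spans(line, lang):
            marks[a + 1:b] = "-" * (b - a - 1)
            marks[a], marks[b] = "[", "]"
        rows.append(f"{lang:<6}" + "".join(marks).rstrip())
    return "\n".join(rows)

if __name__ == "__main__":
    print(diagram(LINE))
```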

Quirks

Obviously, the tricks required to make this polyglot don't follow normal coding conventions.
There are quite a few quirks that were leveraged or had to be worked around:

  • All three languages have different escape characters:
    • Bash: backslash (\)
    • Batch: caret (^)
    • PowerShell: backtick (`)
  • Escape characters work inside Bash and PowerShell strings, but not batch strings.
  • Redirects (i.e. < and >) have special meaning in all three languages unless quoted.
  • Redirects don't have to be at the end of a command.
    • This is valid Bash/Batch/PowerShell: echo >output.txt "Hello World"
  • Batch is the only language without multi-line strings or comments.
  • Batch treats > as a redirect even when it directly touches a string, but PowerShell doesn't.
  • Batch script GOTO statements only work when run as a script, not when run interactively.
  • PowerShell's multi-line comment (<#) must be immediately preceded by whitespace.
  • Bash's here documents may begin anywhere so long as they're unquoted and not in a comment.