From 6a0bbe44d325665def613f9e857f0a797afd5643 Mon Sep 17 00:00:00 2001 From: Betty Date: Sun, 1 Mar 2026 13:31:20 +0100 Subject: [PATCH] post: commit 0cd3d6c in bojemoi --- .../commits/2026-03-01-commit-0cd3d6c.md | 47 +++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 content/posts/commits/2026-03-01-commit-0cd3d6c.md diff --git a/content/posts/commits/2026-03-01-commit-0cd3d6c.md b/content/posts/commits/2026-03-01-commit-0cd3d6c.md new file mode 100644 index 0000000..23acdd8 --- /dev/null +++ b/content/posts/commits/2026-03-01-commit-0cd3d6c.md @@ -0,0 +1,47 @@ +--- +title: "[bojemoi] uzi: shell→meterpreter upgrade + fix Telegram chat_id" +date: 2026-03-01T13:31:20+01:00 +draft: false +tags: ["commit", "bojemoi", "main"] +categories: ["Git Activity"] +summary: "Commit 0cd3d6c par Betty dans bojemoi" +author: "Betty" +--- + +## Commit `0cd3d6c` + +| | | +|---|---| +| **Repository** | bojemoi | +| **Branch** | `main` | +| **Author** | Betty | +| **Hash** | `0cd3d6c5380737493f70bf353ed97fb2005fc1c6` | + + +### Description + +- Add upgrade_to_meterpreter(): injects msfvenom ELF stager via base64 into + shell sessions, connects bind_tcp handler — no LHOST/reverse routing needed +- Add handle_new_sessions(): auto-upgrades new shell sessions, deduplicates + via upgraded_sessions set, then sends Telegram alert +- Fix port conflict: kill stale stager on bind_port before injection (fuser -k) +- Fix read_secret(): env var now takes priority over Docker secret file, + allowing TELEGRAM_ALERT_CHAT_ID override without recreating shared secrets +- Stack: add BIND_PORT=5556, PYTHONUNBUFFERED=1, TELEGRAM_ALERT_CHAT_ID=-5087117106 + +Co-Authored-By: Claude Sonnet 4.6 + +### Files Changed + +``` +M borodino/thearm_uzi +M stack/40-service-borodino.yml +``` + +### Diff Summary + +``` + borodino/thearm_uzi | 123 ++++++++++++++++++++++++++++++++++++++++-- + stack/40-service-borodino.yml | 3 ++ + 2 files changed, 121 insertions(+), 5 deletions(-) +```
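Review bot: the last Description bullet in the new post, "Stack: add BIND_PORT=5556, PYTHONUNBUFFERED=1, TELEGRAM_ALERT_CHAT_ID=-5087117106", publishes a concrete alert chat ID and listener port in public post content. Consider having the post template redact environment values from commit messages (for example TELEGRAM_ALERT_CHAT_ID=<redacted>) before the page is generated. The read_secret() bullet also states that the env var now takes priority over the Docker secret file, so a value set in the stack file silently wins over the shared secret; the post would benefit from saying that explicitly. Minor style point: the front matter summary ("Commit 0cd3d6c par Betty dans bojemoi") is in French while the rest of the post is in English, so pick one language for generated posts.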