cat -b --ShowHex doesn't seem to work on linux

[59e5aaf4]

Not sure what's going on. I suspect it's a linux vs windows rtr scripts issue. Confirmed by unaliasing the commands using auditd & script block logging. ( haha )

/ # cat /home/user/.bash_history -h
Usage: cat [-h] [-b] file

Read a file from disk and display as ASCII or hex.

positional arguments:
  file           File to read the contents of

optional arguments:
  -h, --help     show this help message and exit
  -b, --ShowHex  Show the results in hexadecimal byte format instead of ASCII

/ # cat -b /home/user/.bash_history
Executing command: cat /home/user/.bash_history -ShowHex
hostname:
At least one error was detected. Check the log file for full details.
List of errors detected:

On windows it works

C:\> cat C:\windows\system32\drivers\etc\hosts -
[-b, --ShowHex]    [-h, --help]       
C:\> cat C:\windows\system32\drivers\etc\hosts -b
Executing command: cat C:\windows\system32\drivers\etc\hosts -ShowHex
hostname: 23-20-43-6F-70-79-72-69-67-68-74-20-28-63-29-20-31-39-39-33-2D-32-30-30-39-20-4D-69-63-72-6F-73-6F-66-74-20-43-6F-72-70-2E-0D-0A-23-0D-0A-23-20-54-68-69-73-20-69-73-20-61-20-73-61-6D-70-6C-65-20-48-4F-53-54-53-20-66-69-6C-65-20-75-73-65-64-20-62-79-20-4D-69-63-72-6F-73-6F-66-74-20-54-43-50-2F-49-50-20-66-6F-72-20-57-69-6E-64-6F-77-73-2E-0D-0A-23-0D-0A-23-20-54-68-69-73-20-66-69-6C-65-20-63-6F-6E-74-61-69-6E-73-20-74-68-65-20-6D-61-70-

Not sure how the translation to actual parameters from RTR options is made under the hood.

PARAMETER WD
   Current working directory
PARAMETER Param1
   File to concatenate
PARAMETER Param2
   Number of bytes to read (max=32768)
PARAMETER Param3
   Offset (in byte value) to start reading from
PARAMETER Param4
   Show the results in hexadecimal format

The bash script doesn't seem to have the same options, and the associated code doesn't seem to implement any of these (???)

# PARAMETER WD
#    Current working directory
# PARAMETER Param1
#   File to concatenate
# PARAMETER Param2
#    Number the output lines starting from 1
# PARAMETER Param3
#    Display non-printing characters, and display tab characters as `^I'.

Not sure if the problem lies in falcon-toolkit offering options that don't exist on linux, or in RTR scripts that don't support doing advanced hacking techniques known as "a hex dump" :D

Cheers

[ChristopherHammond13]

Thanks for raising! I believe this is due to a difference in the RTR commands offered on Windows and Linux. Given that you can connect to systems across multiple operating systems at the same time, we do not filter or modify the available commands or parameters by OS.

Besides, restricting this would require dynamically deciding which parameters to include in each command's argparser at runtime which would be quite complex for relatively little gain. I believe this can be solved with some better documentation, but I'd be open to alternatives here.