3b93c6137d
subprocess.run was already patched with CREATE_NO_WINDOW, but Popen and os.startfile were unprotected. Agent code could open visible GUI windows via subprocess.Popen(['notepad.exe']) or os.startfile().
31 lines
1.3 KiB
Python
31 lines
1.3 KiB
Python
import sys, os, json, re, time, subprocess
|
|
sys.path.append(os.path.join(os.path.dirname(os.path.abspath(__file__)), '..', 'memory'))
|
|
_r = subprocess.run
|
|
def _d(b):
|
|
if not b: return ''
|
|
if isinstance(b, str): return b
|
|
try: return b.decode()
|
|
except: return b.decode('gbk', 'replace')
|
|
def _run(*a, **k):
|
|
t = k.pop('text', 0) | k.pop('universal_newlines', 0)
|
|
enc = k.pop('encoding', None)
|
|
k.pop('errors', None)
|
|
if enc: t = 1
|
|
if t and isinstance(k.get('input'), str):
|
|
k['input'] = k['input'].encode()
|
|
r = _r(*a, **k)
|
|
if t:
|
|
if r.stdout is not None: r.stdout = _d(r.stdout)
|
|
if r.stderr is not None: r.stderr = _d(r.stderr)
|
|
return r
|
|
subprocess.run = _run
|
|
_Pi = subprocess.Popen.__init__
|
|
def _pinit(self, *a, **k):
|
|
if os.name == 'nt': k['creationflags'] = (k.get('creationflags') or 0) | 0x08000000
|
|
_Pi(self, *a, **k)
|
|
subprocess.Popen.__init__ = _pinit
|
|
if hasattr(os, 'startfile'):
|
|
def _nosf(*a, **k): raise RuntimeError("startfile disabled in sandbox")
|
|
os.startfile = _nosf
|
|
sys.excepthook = lambda t, v, tb: (sys.__excepthook__(t, v, tb), print(f"\n[Agent Hint]: NO GUESSING! You MUST probe first. If missing common package, pip.")) if issubclass(t, (ImportError, AttributeError)) else sys.__excepthook__(t, v, tb)
|