30 March 2023

Pentesting Fun Stuff

following the cyber security path…


When writing write-ups for CTFs and other pentesting challenges there are several cool things to use to give your write-up a little ‘faafoom’.
One of those things is Asciinema, which is a program to create a recording of your terminal.

According the creators, asciinema [as-kee-nuh-muh] is a free and open source solution for recording terminal sessions and sharing them on the web.

The awesome thing about asciinema is that your can replay your terminal session and select the text. It doesn’t matter if you play it locally or remotely.
How cool is that? For my write-ups or demonstrations, this is a very cool feature.

Installing asciinema

Asciinema can be found in the official Debian repository, so installing it is simple.

n0w4n@redteam:~$ sudo apt search asciinema
Sorting... Done
Full Text Search... Done
asciinema/kali-rolling,now 2.0.2-1 all [installed]
  Record and share your terminal sessions, the right way
sudo apt install asciinema -y


When asciinema is installed you can easily record your session by running the command (replace [session] with the name of your choosing)

asciinema rec [session]

To stop recording, simply press CTRL+d

n0w4n@redteam:~$ asciinema --help
usage: asciinema [-h] [--version] {rec,play,cat,upload,auth} ...

Record and share your terminal sessions, the right way.

positional arguments:
    rec                 Record terminal session
    play                Replay terminal session
    cat                 Print full output of terminal session
    upload              Upload locally saved terminal session to asciinema.org
    auth                Manage recordings on asciinema.org account

optional arguments:
  -h, --help            show this help message and exit
  --version             show program's version number and exit

example usage:
  Record terminal and upload it to asciinema.org:
    asciinema rec
  Record terminal to local file:
    asciinema rec demo.cast
  Record terminal and upload it to asciinema.org, specifying title:
    asciinema rec -t "My git tutorial"
  Record terminal to local file, limiting idle time to max 2.5 sec:
    asciinema rec -i 2.5 demo.cast
  Replay terminal recording from local file:
    asciinema play demo.cast
  Replay terminal recording hosted on asciinema.org:
    asciinema play https://asciinema.org/a/difqlgx86ym6emrmd8u62yqu8
  Print full output of recorded session:
    asciinema cat demo.cast

For help on a specific command run:
  asciinema <command> -h


The source code can be found on github: https://github.com/asciinema/asciinema


But what if your hosting provider doesn’t like script codes? To embed the recording you need to upload it to the asciinema server and paste the embedded player plus recording into your webpage. That will not always work. But what then?

Converting is the answer!!!

Asciicast2gif is a program written to convert a asciinema recording to a gif picture. This way you can show it on your website without having the problem to deal with script code.

Installing asciicast2gif

Unfortunately is asciicast2gif not available in the Debian repository.
There are some tutorials on how to do it from scratch and build it on your own system, but there is a simple way to get asciicast2gif running on your system within a few minutes.

To do this you need docker.

sudo apt install docker.io docker-doc -y

Then you need to pull the docker image

sudo docker pull asciinema/asciicast2gif

And finally you need to run the command to start the converting of your recording

sudo docker run --rm -v $PWD:/data asciinema/asciicast2gif -s 2 -t solarized-dark file.cast file.gif

And that’s it. Keep in mind that there is no progress bar and if you have a long recording it may take a while….so don’t kill the process, but be patient.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.