GTFOBins.github.io/_data/functions.yml

95 lines
2.8 KiB
YAML
Raw Normal View History

2018-07-16 15:01:50 +02:00
---
# this is the rendering order of functions
2018-10-05 19:29:52 +02:00
shell:
label: Shell
2018-06-01 12:40:05 +02:00
description: |
2018-10-05 19:55:38 +02:00
It can be used to break out from restricted environments by spawning an
2018-10-05 19:29:52 +02:00
interactive system shell.
2018-05-21 21:14:41 +02:00
2018-10-05 19:29:52 +02:00
command:
label: Command
2018-06-01 12:40:05 +02:00
description: |
2018-10-05 19:55:38 +02:00
It can be used to break out from restricted environments by running
2018-10-05 19:29:52 +02:00
non-interactive system commands.
2018-05-21 21:14:41 +02:00
2018-10-05 19:29:52 +02:00
reverse-shell:
label: Reverse shell
2018-06-01 12:40:05 +02:00
description: |
2018-08-24 14:46:43 +02:00
It can send back a reverse shell to a listening attacker to open a remote
network access.
2018-05-21 21:14:41 +02:00
2018-10-05 19:55:38 +02:00
non-interactive-reverse-shell:
label: Non-interactive reverse shell
2018-06-01 12:40:05 +02:00
description: |
2018-08-24 14:46:43 +02:00
It can send back a non-interactive reverse shell to a listening attacker to
open a remote network access.
2018-05-21 21:14:41 +02:00
2018-10-05 19:29:52 +02:00
bind-shell:
label: Bind shell
2018-06-01 12:40:05 +02:00
description: |
2018-08-24 14:46:43 +02:00
It can bind a shell to a local port to allow remote network access.
2018-05-21 21:14:41 +02:00
2018-10-05 19:55:38 +02:00
non-interactive-bind-shell:
label: Non-interactive bind shell
2018-06-01 12:40:05 +02:00
description: |
2018-08-24 14:46:43 +02:00
It can bind a non-interactive shell to a local port to allow remote network
access.
2018-05-21 21:14:41 +02:00
2018-10-05 19:29:52 +02:00
file-upload:
label: File upload
2018-06-01 12:40:05 +02:00
description: |
It can exfiltrate files on the network.
2018-05-21 21:14:41 +02:00
2018-10-05 19:29:52 +02:00
file-download:
label: File download
2018-06-01 12:40:05 +02:00
description: |
2018-08-24 14:46:43 +02:00
It can download remote files.
2018-05-21 21:14:41 +02:00
2018-08-24 14:46:43 +02:00
file-write:
label: File write
2018-06-01 12:40:05 +02:00
description: |
2018-08-24 14:46:43 +02:00
It writes data to files, it may be used to do privileged writes or write
files outside a restricted file system.
2018-08-24 14:46:43 +02:00
file-read:
label: File read
2018-06-01 12:40:05 +02:00
description: |
2018-08-24 14:46:43 +02:00
It reads data from files, it may be used to do privileged reads or disclose
files outside a restricted file system.
2018-05-25 15:30:02 +02:00
2018-10-05 19:29:52 +02:00
library-load:
2018-05-25 15:30:02 +02:00
label: Library load
2018-06-01 12:40:05 +02:00
description: |
It loads shared libraries that may be used to run code in the binary
execution context.
2018-05-28 19:08:53 +02:00
2018-10-05 19:29:52 +02:00
suid:
2018-08-24 14:46:43 +02:00
label: SUID
2018-06-01 12:40:05 +02:00
description: |
2018-08-24 14:46:43 +02:00
It runs with the SUID bit set and may be exploited to access the file
system, escalate or maintain access with elevated privileges working as a
2018-08-24 15:34:09 +02:00
SUID backdoor. If it is used to run `sh -p`, omit the `-p` argument on systems
like Debian that allow the default `sh` shell to run with SUID privileges.
2018-05-28 19:55:44 +02:00
2018-10-05 19:29:52 +02:00
sudo:
2018-08-24 14:46:43 +02:00
label: Sudo
2018-06-01 12:40:05 +02:00
description: |
2018-08-24 14:46:43 +02:00
It runs in privileged context and may be used to access the file system,
escalate or maintain access with elevated privileges if enabled on `sudo`.
2018-10-05 19:29:52 +02:00
capabilities:
2018-09-12 22:56:42 +02:00
label: Capabilities
description: |
2018-09-16 11:02:55 +02:00
It can manipulate its process UID and can be used on Linux as a backdoor to maintain
elevated privileges with the `CAP_SETUID` capability set. This also works when executed
2018-09-16 11:02:33 +02:00
by another binary with the capability set.
2018-09-12 22:56:42 +02:00
2018-10-05 19:29:52 +02:00
limited-suid:
2018-08-24 14:46:43 +02:00
label: Limited SUID
description: |
It runs with the SUID bit set and may be exploited to access the file
system, escalate or maintain access with elevated privileges working as a
2018-08-24 15:34:09 +02:00
SUID backdoor. If it is used to run commands it only works on systems
like Debian that allow the default `sh` shell to run with SUID privileges.