New function yaml

This commit is contained in:
Emilio Pinna 2018-10-05 18:29:52 +01:00
parent 1dfb03b013
commit 1c77f099d3

View File

@ -1,48 +1,48 @@
--- ---
# this is the rendering order of functions # this is the rendering order of functions
execute-interactive: shell:
label: Interactive execute label: Shell
description: | description: |
It executes interactive commands that may be used to break out from It can be used to break out from restricted environments by spawning an
restricted shells. interactive system shell.
execute-non-interactive: command:
label: Non-interactive execute label: Command
description: | description: |
It executes non-interactive commands that may be used to break out from It can be used to break out from restricted environments by running
restricted shells. non-interactive system commands.
reverse-shell-interactive: reverse-shell:
label: Interactive reverse shell label: Reverse shell
description: | description: |
It can send back a reverse shell to a listening attacker to open a remote It can send back a reverse shell to a listening attacker to open a remote
network access. network access.
reverse-shell-non-interactive: reverse-non-interactive-shell:
label: Non-interactive reverse shell label: Reverse non-interactive shell
description: | description: |
It can send back a non-interactive reverse shell to a listening attacker to It can send back a non-interactive reverse shell to a listening attacker to
open a remote network access. open a remote network access.
bind-shell-interactive: bind-shell:
label: Interactive bind shell label: Bind shell
description: | description: |
It can bind a shell to a local port to allow remote network access. It can bind a shell to a local port to allow remote network access.
bind-shell-non-interactive: bind-non-interactive-shell:
label: Non-interactive bind shell label: Bind non-interactive shell
description: | description: |
It can bind a non-interactive shell to a local port to allow remote network It can bind a non-interactive shell to a local port to allow remote network
access. access.
upload: file-upload:
label: Upload label: File upload
description: | description: |
It can exfiltrate files on the network. It can exfiltrate files on the network.
download: file-download:
label: Download label: File download
description: | description: |
It can download remote files. It can download remote files.
@ -58,13 +58,13 @@ file-read:
It reads data from files, it may be used to do privileged reads or disclose It reads data from files, it may be used to do privileged reads or disclose
files outside a restricted file system. files outside a restricted file system.
load-library: library-load:
label: Library load label: Library load
description: | description: |
It loads shared libraries that may be used to run code in the binary It loads shared libraries that may be used to run code in the binary
execution context. execution context.
suid-enabled: suid:
label: SUID label: SUID
description: | description: |
It runs with the SUID bit set and may be exploited to access the file It runs with the SUID bit set and may be exploited to access the file
@ -72,20 +72,20 @@ suid-enabled:
SUID backdoor. If it is used to run `sh -p`, omit the `-p` argument on systems SUID backdoor. If it is used to run `sh -p`, omit the `-p` argument on systems
like Debian that allow the default `sh` shell to run with SUID privileges. like Debian that allow the default `sh` shell to run with SUID privileges.
sudo-enabled: sudo:
label: Sudo label: Sudo
description: | description: |
It runs in privileged context and may be used to access the file system, It runs in privileged context and may be used to access the file system,
escalate or maintain access with elevated privileges if enabled on `sudo`. escalate or maintain access with elevated privileges if enabled on `sudo`.
capabilities-enabled: capabilities:
label: Capabilities label: Capabilities
description: | description: |
It can manipulate its process UID and can be used on Linux as a backdoor to maintain It can manipulate its process UID and can be used on Linux as a backdoor to maintain
elevated privileges with the `CAP_SETUID` capability set. This also works when executed elevated privileges with the `CAP_SETUID` capability set. This also works when executed
by another binary with the capability set. by another binary with the capability set.
suid-limited: limited-suid:
label: Limited SUID label: Limited SUID
description: | description: |
It runs with the SUID bit set and may be exploited to access the file It runs with the SUID bit set and may be exploited to access the file