mirror of
https://github.com/GTFOBins/GTFOBins.github.io
synced 2024-12-24 13:59:17 +01:00
Avoid the "exploit" verb to reduce confusion
This commit is contained in:
parent
12b8ceee39
commit
31af1e879f
@ -3,6 +3,6 @@
|
||||
[Build Status]: https://travis-ci.org/GTFOBins/GTFOBins.github.io.svg?branch=master
|
||||
[travis]: https://travis-ci.org/GTFOBins/GTFOBins.github.io
|
||||
|
||||
GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions.
|
||||
GTFOBins is a curated list of Unix binaries that can used to bypass local security restrictions in misconfigured systems.
|
||||
|
||||
Find the project at https://gtfobins.github.io
|
||||
|
@ -48,9 +48,9 @@ library-load:
|
||||
suid:
|
||||
label: SUID
|
||||
description: |
|
||||
If the binary has the SUID bit set, it does not drop the elevated privileges and may be exploited to access the file system, escalate or maintain privileged access as a SUID backdoor. If it is used to run `sh -p`, omit the `-p` argument on systems like Debian (<= Stretch) that allow the default `sh` shell to run with SUID privileges.
|
||||
If the binary has the SUID bit set, it does not drop the elevated privileges and may be abused to access the file system, escalate or maintain privileged access as a SUID backdoor. If it is used to run `sh -p`, omit the `-p` argument on systems like Debian (<= Stretch) that allow the default `sh` shell to run with SUID privileges.
|
||||
|
||||
This example creates a local SUID copy of the binary and runs it to maintain elevated privileges. To exploit an existing SUID binary skip the first command and run the program using its original path.
|
||||
This example creates a local SUID copy of the binary and runs it to maintain elevated privileges. To interact with an existing SUID binary skip the first command and run the program using its original path.
|
||||
|
||||
sudo:
|
||||
label: Sudo
|
||||
@ -63,6 +63,6 @@ capabilities:
|
||||
limited-suid:
|
||||
label: Limited SUID
|
||||
description: |
|
||||
If the binary has the SUID bit set, it may be exploited to access the file system, escalate or maintain access with elevated privileges working as a SUID backdoor. If it is used to run commands (e.g., via `system()`-like invocations) it only works on systems like Debian (<= Stretch) that allow the default `sh` shell to run with SUID privileges.
|
||||
If the binary has the SUID bit set, it may be abused to access the file system, escalate or maintain access with elevated privileges working as a SUID backdoor. If it is used to run commands (e.g., via `system()`-like invocations) it only works on systems like Debian (<= Stretch) that allow the default `sh` shell to run with SUID privileges.
|
||||
|
||||
This example creates a local SUID copy of the binary and runs it to maintain elevated privileges. To exploit an existing SUID binary skip the first command and run the program using its original path.
|
||||
This example creates a local SUID copy of the binary and runs it to maintain elevated privileges. To interact with an existing SUID binary skip the first command and run the program using its original path.
|
||||
|
8
index.md
8
index.md
@ -5,14 +5,14 @@ title: GTFOBins
|
||||
|
||||
![logo](/assets/logo.png){:.logo}
|
||||
|
||||
GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions.
|
||||
GTFOBins is a curated list of Unix binaries that can used to bypass local security restrictions in misconfigured systems.
|
||||
|
||||
The project collects legitimate functions of Unix binaries that can be abused to <strike>get the f**k</strike> break out restricted shells, escalate or maintain elevated privileges, transfer files, spawn bind and reverse shells, and facilitate the other post-exploitation tasks. See the full list of [functions](/functions/).
|
||||
|
||||
This was inspired by the [LOLBAS][] project for Windows.
|
||||
The project collects legitimate [functions](/functions/) of Unix binaries that can be abused to ~~get the f**k~~ break out restricted shells, escalate or maintain elevated privileges, transfer files, spawn bind and reverse shells, and facilitate the other post-exploitation tasks.
|
||||
|
||||
GTFOBins is a [collaborative][] project created by [Emilio Pinna][norbemi] and [Andrea Cardaci][cyrus_and] where everyone can [contribute][] with additional binaries and techniques.
|
||||
|
||||
If you are looking for Windows binaries you should visit [LOLBAS][].
|
||||
|
||||
[functions]: /functions/
|
||||
[LOLBAS]: https://lolbas-project.github.io/
|
||||
[collaborative]: https://github.com/GTFOBins/GTFOBins.github.io/graphs/contributors
|
||||
|
Loading…
Reference in New Issue
Block a user